How much you know about CCTV Cybercrimes

CCTV is now an essential part of not only offices, shops, or factories but also our homes. CCTV not only tells us what happened, who did it, how it was done, and other details about the incident that happened in the past, but also deters future theft by making thieves afraid that they might get caught in the act. This CCTV has started spreading not only outside the house but also inside the house, from our baby’s crib to the elderly parents’ bedroom and other places. Today’s CCTV technology is so advanced that it not only captures the image but also the conversation taking place in that place and the pixel clarity of its camera lens is so good that one can zoom in so that the viewer can easily see small letters and objects in the captured image. Cybercriminals are hacking your CCTV and using the content captured on it to commit robbery, blackmail, financial crimes and many other cyber crimes against you or your property. Few months ago, there was a news report that CCTVs of the popular Taiwanese company AVTECH were hacked using malware called Mirai and were taken control by hackers. In this column, I will talk about how cybercriminals are misusing CCTV, how you can protect your CCTV and what are the legal and other remedies available to victims. New CCTVs are smart device or a Internet of Things (IoT) device, to know more about its protection, you can read my article on IoT written some time back.

How Cybercriminals are Using CCTV for committing cybercrimes:-

Like all other technologies, CCTVs are also moving from analog towards digital/IP (Internet) technology. Cybercriminals either hack the new digital Internet-enabled CCTVs and take them over or install a malware software (app) inside them that either sends all the images over the Internet to a predetermined website or computer or provides a backdoor access to the criminals to control the device. To hack your Internet-enabled digital CCTV, they :

1. Brute force attack : Most of us never change the default password of CCTV or the common password that was set when CCTV was installed, so hackers use this to take control of your CCTV. Thousands of HiKVision CCTV cameras were hacked in the US in 2017, which was the first such attack that was reported widely.
2. Backdoor exploits : In this type of attack, hackers use a bug or flaw in the software in the CCTV or install malware to gain control over it.
3. Local WiFi/Internet attack : Here cybercriminals first hack your internet WiFi or physically access your internet and then take control of your CCTV.
4. Man-in-the-middle attack : Here they penetrate or hack the network or wire going from the CCTV to the DVR and steal the information being transmitted on that wire/network.

To prevent CCTV misuse, you :-

1. Always buy CCTV equipment only from a reputable company.
2. Set your own strong password for CCTV after installation.
3. Update CCTV software regularly with security updates.
4. Protect your CCTV DVR and to the internet network it connects to from strangers.
5. Set a strong password for the WIFI internet that your CCTV connects to.
6. Keep the WIFI internet that your CCTV connects to and your company’s internet separate.

If you are a victim of CCTV cybercrime :-

Immediately call 1930 Cyber ​​Helpline or file a complaint at cybercrime.gov.in or the nearest police station. Do not respond to threats or blackmail tactics from cybercriminals. Change your CCTV and internet password, or factory reset it if it is infected by malware. Enhance the security of your CCTV and internet equipment.

Legal remedies available to victims :-

You can file a criminal case at your nearest cyber or general police station under the following legal sections or as suggested by the police based on your case:

• Section 303(Theft), 319 (punishment for cheating by impersonation) and 336 and 318 (cheating and dishonestly inducing delivery of property), Section 323(extract data illegally), Section 329(criminal trespass), Section 337(Forgery), Section 338(Punishment for Forgery), and Section 340(Usage of Forged document) of Bharathiya Nyaya Sanhitha(BNS).
• The Information Technology (IT) Act 2000/08 provides for Section 43 (Penalty and compensation for damage to computer, computing device etc.), Section 65 (Wrecking a computer), Section 66 (Punishment for computer related offences – person who steals data, spreads virus to a system, destroys data, hacks, or denies access to a computer or network to an authorised person), Section 66C (which provides for penalty for identity theft and fraudulent or dishonest use of a person’s identity information) and Section 66D (Punishment for fraud committed by impersonation using computer resources).