Skip to main content

Sony Security Cameras Require Update Due To Security Risk

By December 24, 2016May 11th, 2022Blog, Cybersecurity

If you use Sony cameras to secure your business, you could be at risk.

Security researchers have recently discovered a pair of devastating security flaws in as many as 80 different models of Sony cameras.

The first of these appears to be a debug mode that was inadvertently left in place by Sony engineers. The second, dubbed “Primana,” allows hackers to remotely commandeer the web server built into the cameras and gain complete control over them, disrupting camera functions, disabling them or turning them against their owners.

As Johannes Greil, the head of SEC Consult Vulnerability Lab pointed out during an interview on the subject, “Those Sony IPELA ENGINE IP camera devices are definitely reachable on the Internet and a potential target for Mirai-like botnets, but of course it depends on the network/firewall configuration.”

Sony has responded to the issue quickly, publishing an advisory on its company website that provides complete details about the vulnerabilities. They also released a firmware update on November 28 which addresses these issues.

Unfortunately, it gets worse. A separate research team from Cybereason discovered additional zero-day vulnerabilities in cameras running old Linux software. These bugs have been found in no less than ten different camera models from ten different vendors, including the popular VStarcam, which is sold on both eBay and Amazon.

What makes this second discovery potentially worse than the Sony vulnerabilities is the fact that these older model cameras aren’t designed to receive software updates remotely, so there’s no way the manufacturers can push an update to address the flaws. The only way to be sure your older equipment can’t be hacked is to simply replace it with something more secure.

If you currently rely on Sony cameras, your next stop should be the Sony website to see whether the models you’re using were impacted by the security flaw. If so, make certain that you have, in fact, received the latest firmware update.

If you’re using old Linux-based cameras, now is the time to consider replacing them.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.