Brickstream’s ‘Authentication-Less’ People Counting System Leaves Camera and Settings Pages Unprotected

In this article, we'll discuss how to identify people counting systems that have been exposed to the public and what their issues are.

The use of people counting systems for business and marketing purposes is increasing across various industries. One such product is Teledyne FLIR’s Brickstream 3D Gen 2, which tracks customer movements by measuring traffic volume, visitor flow, dwell time, etc., and delivers this data for big data analysis. It is primarily installed in inconspicuous locations, such as store ceilings, capturing customers in real time and aggregating data on customer numbers and movement paths. The system goes beyond simple surveillance or monitoring and is used to find better customer experiences and business opportunities.

Recently, however, these people counting systems were exposed on the internet, and their footage was made public. This raised several major security concerns. In this article, we’ll discuss how to identify Brickstream people counting systems that have been exposed to the public and their associated issues.

Brickstream 3D Gen 2 equipment listed on sales homepage

Brickstream’s People Counting System Exposed, Defenseless, To Attack Surface

CTI platforms and OSINT tools make it simple to discover Brickstream people counting systems exposed on the internet. Most of the discovered system pages are accessible without any authentication, which may be a result of insufficient security settings or the use of default passwords.

Let’s check how many Brickstream people counting systems are exposed online without any protection. Using the CTI search engine Criminal IP, you can discover multiple pieces of Brickstream-related attack surface threat information.

The following is the result of searching for the keyword “Brickstream” in Criminal IP Asset Search.

Search Query: Brickstream

The result of searching for the keyword “Brickstream” in Criminal IP Asset Search

The search results revealed a majority of Brickstream findings in Asia, with some servers also exposed in the United States and Russia.

By adding a title filter to the keyword query above, you can narrow down the search results and find Brickstream’s settings pages.

Search Query: title: “Brickstream 2300 Basic Configuration”

Brickstream’s settings page, retrieved from Criminal IP using the title filter, is accessible without authentication

The Brickstream 3D Basic Configuration pages found using the title filter above were publicly accessible without login authentication, allowing changes to settings such as DHCP, ports, and SSID names.

Brickstream 3D Basic Configuration page publicly accessible without login authentication

This time, the favicon filter is used together with the title filter. The query combines the keyword ‘Dashboard’, found in the Brickstream camera page title, with ‘-6056d33’, the hash value computed from Brickstream’s favicon.

Search Query: title: “Dashboard” favicon:-6056d33

Exposed Brickstream people counting system found using the title filter and the favicon filter
Dashboard page of the publicly exposed Brickstream people counting system

Using these OSINT search queries, you can discover dashboard pages of people counting systems that are externally exposed and unprotected. Some of the pages found are even configurable, which is a serious security concern.

Security Threat Solutions for Exposed People Counting Systems

Even without the administrator’s knowledge, captured footage of your store and office could be released to the public. The exposure issue of people counting systems is a serious matter that entails not only security threats but also privacy violations, business information leaks, and a loss of customer trust.

Therefore, when using people counting systems, you should follow the basic security guidelines below.

  1. Change the default password: Be sure to change the default password to a strong one after installation.
  2. Reinforce network security: Keep your people counting system behind a network firewall and allow external access only when necessary.
  3. Perform regular security checks: Perform regular security checks to apply the latest security patches and check your settings.
  4. Use encryption: Use encryption protocols such as SSL/TLS for data transmission to prevent unauthorized access to your data.
  5. Set up access controls: Minimize user accounts that can access the people counting system and enforce strict permission management.

It is also important to use CTI search engines and OSINT tools to determine whether your people counting system is being compromised and take prompt action.
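The two page titles shown in the searches above (“Brickstream 2300 Basic Configuration” and “Dashboard”) double as indicators for a self-audit of your own devices: if a device on your network answers an unauthenticated request with one of those pages, guidelines 1, 2 and 5 are not in effect, and if it does so over plain HTTP, guideline 4 is not either. The following script is an added example written for this article, not code from Criminal IP or Teledyne FLIR. It classifies captured HTTP responses from devices under your own administration. The IP addresses, response bodies and the `assess`/`audit` helper names are constructed for the example; only the two page titles come from the article.

```python
"""Self-audit of people counting devices: classify an HTTP response captured
from a device you administer as protected or exposed, using the page titles
the article reports on unauthenticated Brickstream pages.
Added example; not Criminal IP's or the vendor's code."""
import re
from dataclasses import dataclass, field

# Indicators taken from the article: titles of pages that were reachable without login.
CONFIG_TITLE = "Brickstream 2300 Basic Configuration"
DASHBOARD_TITLE = "Dashboard"


@dataclass
class Finding:
    url: str
    severity: str                      # "high", "medium" or "info"
    reasons: list = field(default_factory=list)


def parse_http_response(raw: bytes):
    """Split a raw HTTP/1.x response into (status_code, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    status_code = int(lines[0].split(" ", 2)[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status_code, headers, body.decode("utf-8", "replace")


def page_title(body: str) -> str:
    """Return the <title> text of an HTML body, or '' if there is none."""
    m = re.search(r"<title>(.*?)</title>", body, re.I | re.S)
    return m.group(1).strip() if m else ""


def assess(url: str, raw_response: bytes) -> Finding:
    """Classify one unauthenticated request/response pair against the guidelines."""
    status, headers, body = parse_http_response(raw_response)
    title = page_title(body)
    finding = Finding(url=url, severity="info")

    # Guideline 4: management traffic should not travel over plaintext HTTP.
    if url.lower().startswith("http://"):
        finding.reasons.append("served over plaintext HTTP (guideline 4: use TLS)")
        finding.severity = "medium"

    # A 401 challenge or a redirect to a login page means credentials are enforced.
    if status == 401 and "www-authenticate" in headers:
        finding.reasons.append("credentials required (HTTP 401)")
        return finding
    if status in (301, 302, 303, 307) and "login" in headers.get("location", "").lower():
        finding.reasons.append("redirects to login page")
        return finding

    # A 200 response to an unauthenticated request: check which page came back.
    if status == 200:
        if title == CONFIG_TITLE:
            finding.reasons.append("configuration page served without authentication")
            finding.severity = "high"
        elif DASHBOARD_TITLE in title:
            finding.reasons.append("dashboard page served without authentication")
            finding.severity = "high"
        else:
            finding.reasons.append("HTTP 200 without authentication; title: %r" % title)
            finding.severity = "medium"
    return finding


# Constructed sample responses (TEST-NET-1 addresses; not real devices).
SAMPLES = {
    "http://192.0.2.10/": (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
                           b"<html><head><title>Brickstream 2300 Basic Configuration</title>"
                           b"</head><body>DHCP / ports / SSID</body></html>"),
    "http://192.0.2.11/": (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
                           b"<html><head><title>Dashboard</title></head><body></body></html>"),
    "https://192.0.2.12/": (b"HTTP/1.1 401 Unauthorized\r\n"
                            b"WWW-Authenticate: Basic realm=\"device\"\r\n\r\n"),
    "https://192.0.2.13/": b"HTTP/1.1 302 Found\r\nLocation: /login.html\r\n\r\n",
}


def audit(samples=SAMPLES) -> dict:
    """Assess every sample and return the findings keyed by URL."""
    return {url: assess(url, raw) for url, raw in samples.items()}


if __name__ == "__main__":
    for url, f in audit().items():
        print(f"{f.severity:6} {url}  {'; '.join(f.reasons)}")
```

Run against responses captured from your own inventory (for example from a scheduled internal scan), the "high" findings are the devices to pull behind the firewall and put behind credentials first; the "medium" ones are reachable only with a password but still speak plaintext HTTP.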

For related information, refer to the article Caution: External Exposure of License Plate Recognition Systems May Lead to Personal Information Leakage.


This report is based on data from Criminal IP, a Cyber Threat Intelligence search engine. Sign up for a free Criminal IP account now to explore the search results cited in the report and more extensive threat intelligence. 

Source: Criminal IP (https://www.criminalip.io)
