A new worldwide attack has been detected during last 2 days affecting all DAHUA devices.
The vulnerability to external manipulations of any device connected to the Internet is an issue that affects us all. That is why it is necessary to adapt to the reality of this type of practices, which take advantage of those systems that do not take a minimum of precautions to protect themselves.
Our commitment from the Cybersecurity Department of BY DEMES GROUP is to watch over our customers and to foster a culture of active and constant prevention, which we have not yet assimilated in our sector, but which has become an essential necessity in the face of the growing number of and multiform variety of attacks by which all existing devices are being affected.
From BY DEMES GROUP again we make available to our customers the technical service to request any relevant Firmware update and the following measures we have been recommending for months to increase the usual protection of IP installations:
1) Update Firmware to the latest version of the recorders connected to the Internet and also factory default. If your recorder is discontinued and you do not find the Firmware, skip this step and go to number 2.
2) Modify the administrator password to values that are not by default (the recorders that are served since 2017 already require to use a secure password).
3) Remove unnecessary accounts and periodically review the logs of the system.
4) Change http ports of the default value 80 to other available ports out of the usual ones or use the https.
5) Redirect the streaming ports 37777 on the Router also with another numbering.
6) Avoid using the DMZ to redirect the remote connections to the recorder.
7) Activate the Router's Firewall to values that are not without filter.
8) Change Router password, never leave the one that comes by default (common error of many end users).
9) Block the Telnet port on the Router and the Ping response (advanced actions we strongly recommend).
10) It is recommended, in the case of IP cameras, the use of NVR with integrated POE switch, isolating them completely from the outside.
These new 10 commandments of cybersecurity are part of the essential protection measures we should take for any IP device we have online.
We will continue to ensure the safety of our customers and recommend visiting our "News" section periodically to be informed of any updates.
Cybersecurity Department of BY DEMES GROUP