They are everywhere: above the gate at the entrance to a community, in building lobbies, in children’s rooms and on nearly every street corner. Although they are meant to provide a sense of security, security cameras have recently become a preferred target for hostile actors. Since the launch of Operation Roaring Lion last week, Israel’s National Cyber Directorate has identified more than 40 cases in which private or public security cameras were hacked by Iranian groups and other hostile actors for intelligence gathering.
Such breaches can pose a national security risk, as some cameras allow attackers to track the movement of forces in public spaces, monitor missile impact sites and gather other sensitive information. Just last week, the Financial Times reported that, on the other side of the conflict, Israeli intelligence exploited a similar opportunity ahead of the assassination of Iran’s Supreme Leader Ali Khamenei, reportedly hacking into nearly all traffic cameras in Tehran.
In recent days the National Cyber Directorate has identified a targeted Iranian effort focusing on these systems. As a result, the agency — together with other security bodies — has been working to detect, disrupt and warn the owners of vulnerable cameras, including businesses, local authorities, public institutions and private individuals.
The most common method used to breach cameras is exploiting built-in vulnerabilities in their operating software, or simply logging in using the generic default passwords that come with the device from the factory. According to estimates, hundreds of thousands of such cameras are installed across Israel, most of them either completely unsecured or at least exposed to relatively simple intrusion attempts.
“Owners of security cameras must ensure they cannot be accessed directly from the internet, immediately change default passwords, update security versions and limit their exposure to public areas. These days, an unsecured connection is not only a privacy risk but a security risk, and it requires responsible technological conduct,” according to Dana Toren, head of operations at the National Cyber Directorate.
Why are they so easy to hack?
The main reason is simple: laziness. Unfortunately, most users — both private and commercial — plug the camera into power after purchasing it, confirm they can see the image on their phone and stop there. Camera manufacturers often cater to this human weakness by enabling technologies such as P2P (Peer-to-Peer) or UPnP by default. These technologies effectively bypass the home router’s firewall and open a “back door” to the outside world.
In addition, many cameras installed in public spaces and small businesses suffer from what experts call “digital neglect.” Users frequently fail to change the factory-set admin password, neglect software updates, or configure the device so that anyone who knows its IP address can easily reach the login page.
For even a novice hacker, locating an unsecured camera can take only minutes. Websites such as Shodan scan the internet and map connected devices worldwide. A hacker can simply search for “Israel” alongside a specific camera model and receive a list of thousands of exposed IP addresses.
2 View gallery
Make sure to update the camera software and change the security password that comes with the device
(Photo: Roi Han )
Other groups use automated bots that attempt thousands of common username and password combinations until they successfully guess the correct credentials. Many camera models also contain manufacturer back doors created for maintenance purposes, or known software bugs that allow attackers to bypass password protection altogether.
Once a hacker gains control of a camera, they can not only watch the footage it records, but also use it as a “bridgehead” to infiltrate other computers on the same network — and in some cases even inject fake video feeds in real time.
The cameras most at risk
The Israeli market is flooded with low-cost brands, but experts generally divide them into three main categories.
The first — which requires the highest level of caution — includes unbranded cameras often sold on sites such as AliExpress, as well as products made by Chinese companies Hikvision and Dahua, which face heavy restrictions in the United States and the United Kingdom due to concerns about built-in security vulnerabilities and possible links to the Chinese government.
The second category, typical of home security cameras, includes well-known consumer brands such as Xiaomi, TP-Link and Eufy, which provide stronger security for household users but rely heavily on cloud services.
The third category includes higher-end manufacturers such as Sweden’s Axis, Korea’s Hanwha Vision and Bosch, which emphasize end-to-end encryption and frequent firmware updates.
How can you protect yourself?
Experts recommend several steps that can be implemented immediately on most cameras:
Change the password: Not “123456,” not “admin,” and not your family name. Use a strong, unique password for each camera.
Disable P2P and UPnP: If you do not absolutely need instant remote access, disable these options in both the camera and router settings.
Separate networks (VLAN): In businesses and smart homes, place cameras on a separate network from devices containing sensitive data.
Enable two-factor authentication (2FA): If the camera is connected to an app, always activate verification via SMS code or authentication app.
Disconnect if unnecessary: If the camera is not currently needed, disconnect it from internet access.
Check for updates: Install security updates released by the manufacturer.
Anyone who suspects their camera has been compromised can contact the National Cyber Directorate’s 119 hotline for assistance.