ICO warns on Russian-based website showing live feeds from around the world, and urges consumers to set up password protection
Live video feeds from thousands of webcams, CCTV camera and baby monitors around the world have been hacked and put up online, according to the Information Commissioner’s Office (ICO).
Russian hackers are thought to be behind the breach, which has affected feeds from around the world using either default passwords or no log-in codes at all.
This includes 584 streams from webcams, CCTV cameras and baby monitors located within the UK, alongside thousands of feeds from the US, France and the Netherlands, as well as video from countries around the world such as Nicaragua, Pakistan, Kenya, Paraguay and Zimbabwe.
The ICO says it is now working with the US Federal Trade Commission (FTC) to get the site taken down.
In a blog post, Simon Rice, the ICO’s group manager for technology, warned consumers that having proper security controls, including strong passwords, was the best way of protecting their devices from hackers.
“The ability to access footage remotely is both an internet camera’s biggest selling point and, if not set up correctly, potentially its biggest security weakness,” he wrote. “Remember, if you can access your video footage over the internet, then what is stopping someone else from doing the same?
“You may think that having to type in an obscure web address to access the footage provides some level of protection. However, this will not protect you from the remote software that hackers often use to scan the internet for vulnerable devices. In some cases, insecure cameras can be identified using nothing more than an internet search engine.”
The fact that a website is able to stream footage from thousands of cameras, illustrates the risks that consumers are taking by not changing the default passwords on camera enabled devices, says David Emm, principal security researcher at Kaspersky Lab.
“It only takes a minute to change a password, and the longer it is left unchanged, the greater the chance that the device will be compromised,” he added.
“The problem is that we think of such devices – mobile phones, webcams, etc. – as our window on the world. But, we don’t realise that for cybercriminals it could be their window into ours if we don’t secure our devices. Hacking into a device’s camera offers those with malicious intent access to our images, our most intimate moments, our identities – and the people we want most to protect, such as our children.”
The news is the latest in a series of scares concerning the security of webcams. Earlier this year, it was reported by noted whistleblower Edward Snowden that British intelligence agency GCHQ (Government Communications Headquarters) has been collecting millions of images of law-abiding citizens obtained directly from their webcams during online chats.
This was part of a programme codenamed ‘Optic Nerve’, which reportedly targeted the users of Yahoo Webcam services, and collected data including tens of thousands of sexually explicit images, and GCHQ had to issue extensive guidelines on dealing with nudity.
What do you know about your webcam? Find out with our quiz!