WASHINGTON — Experts have a message for anyone with webcams, baby monitors
and home security cameras: change your password now.
Britain’s Information Commissioner’s Office said Thursday that footage being
collected from security cameras — such as closed circuit television networks
or built-in cameras like baby monitors — is being posted to the Internet.
A website based in Russia is posting live footage of homes and businesses
after having used the default login credentials for thousands of cameras.
The ICO is joining with its counterparts in the United States, China,
Australia and Canada to warn consumers about the Russian website.
The Russian site takes advantage of the fact that camera users receive default
passwords to get devices working — such as “1234.” Many manufacturers also
put default passwords online.
More than 350,000 of these cameras were sold in the UK alone last year, the
ICO reports.
So what actions can you take to make sure you and family are not being filmed?
The ICO’s blog
has some tips:
- Change your default password. When you get a new camera, there may
already be a default password on it or no password at all, and the best step
you can take is to set a new, strong password.Some of the default passwords are online, so it’s important to establish a
unique password only you would know. The best passwords have a mixture of
lower and upper case letters, numbers and characters. - Check security settings. Read a camera’s manual and familiarize
yourself with the security options available to you.A big selling point for new Internet cameras is the ability to access footage
remotely, but if not set up correctly, it can leave the camera vulnerable to
hackers.“Remember, if you can access your video footage over the Internet, then what
is
stopping someone else from doing the same?” the blog says.If you have no intention of viewing your camera’s footage on the Internet,
it’s best to turn off the remote viewing option under the device’s security
settings. - Secure devices with an Internet connection. Webcams aren’t the only
thing that hackers can access remotely — cloud servers can be vulnerable as
well.Personal cloud servers can allow you to access files stored remotely, and they
can be susceptible to hackers if you fail to secure them.Two-step authentication is a good way to secure a cloud server. This adds an
additional layer of security when logging in to an online service. Having it
turned on can protect your information even if your password is obtained.
Related Stories:
- 6 steps to protect against Russian hackers breach
- The most common (and hackable) passwords
- Column: What is 2-step verification, and how
do I use it? - A Closer Look: A second layer of security online
The Associated Press contributed to this report. Follow @WTOP on Twitter and WTOP on Facebook.
