Samah Ahmed

Assistant editor, IFSEC Global

March 3, 2020

Sign up to free email newsletters

Download

The State of Physical Access Control in EMEA Businesses – 2020 Report

Cyber security

Smart cameras vulnerable to hacking, highlights the NCSC

Smart cameras and other Internet of Things devices are being targeted by cyber-hackers because owners aren’t changing default settings, highlights the National Cyber Security Centre (NCSC). 

baby monitorAs they increasingly become popular in households, owners of smart devices – cameras in particular – are being advised to change the default passwords and settings to reduce the risks of being hacked. According to the NCSC and other security chiefs, these products are vulnerable to cyber-attacks, as users rarely change the initial passwords and ignore software updates.

Previous cases of cyber-attackers intruding into owners’ homes through smart cameras include an attacker speaking to a young girl through a baby-monitor, pretending to be Father Christmas, and a couple from Leeds being watched by thousands online, without their knowledge.

What to do to prevent smart devices from being hacked

NCSC has listed steps to protect devices at home, including: 

  • Applying device software (often called firmware) updates. Not only does this improve its features, but regularly applying relevant software updates will also strengthen its security features.
  • Changing the default password to a unique one and remembering to mix letters and numbers. The default password is usually short and easy to guess, such as ‘admin’ or ‘0000’, making it easy for hackers to gain access. Passwords shipped from the same company can also sometimes have the same passwords, so if the password is leaked for one device owner, it is also leaked for others.
  • Switching off features that allows users to check the camera remotely, if it is not in use. This will prevent hackers from viewing or listening to activity in the room where the device is.
  • Disabling UPnP (universal plug and play), and “port forward” in the settings of internet routers.

The Government announced plans to introduce a new law in January, for all manufactures selling smart devices in the UK to comply by legislation to decrease hacking. The plans set to be brought in by the Government, outlined in the Consultation on regulatory proposals on consumer IoT security, have included:

  • All consumer internet-connected device passwords must be unique and not resettable to a universal factory setting
  • Manufacturers must provide a public point of contact for vulnerability reports
  • Manufacturers must state the minimum amount of time for which the device will receive security update

Digital Minister in the UK, Matt Warman, stated: “Our new law will hold firms manufacturing and selling internet-connected devices to account and stop hackers threatening people’s privacy and safety. It will mean robust security standards are built in from the design stage and not bolted on as an afterthought.”

However, Blake Kozak, a Smart Home Analyst at Omdia, believes that more needs to be done, such as including a mandatory two-factor authentication. He said: “More detailed legislation will be needed to enforce best practises by brands, from the components in the devices to the security of data centres.”

Dr Ian Levy, Technical Director at NCSC commented: “Smart technology such as cameras and baby monitors are fantastic innovations with real benefits for people, but without the right security measures in place, they can be vulnerable to cyber attackers.

“There are practical measures which we can all take to help us get the most out of our home-based technology in a safe way.”

Why should you attend IFSEC International?

8–10 September 2020, ExCeL London

If thousands of products and solutions provided by hundreds of leading security suppliers doesn’t tempt you, why not consider:

  • The full programme of seminars and presentations from industry thought leaders?
  • The live on-stand demonstrations of the most innovative products?
  • Thousands of fellow professionals and ample spaces for networking?
  • The chance to expand your business and grow your network?
IFSECInternational_register please

Related Topics

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments