You’re not the only one watching your baby: webcam security alert
For Russian hackers, it’s as easy as 1-2-3-4.
That’s among the simple manufacturer passwords that have been exploited to swipe personal video from computers in more than 100 countries, including Canada, and post the footage on a Russian website, according to Britain’s information commission.
The hackers have been targeting baby monitors, webcams, and personal security cameras, uploading the footage to a site authorities have declined to identify for fear of driving traffic its way.
A child playing in Bucheon, South Korea, and an empty crib in Absecon, New Jersey are among the video images that have appeared on the website, Britain’s Information Commissioner’s Office said Thursday. The hackers have posted footage from bedrooms, office buildings, shops, laundromats, stables and barns, the agency said.
Canada’s Privacy Commissioner could not immediately say how many Canadians have been targeted, or how they have been affected, but spokesperson Anne-Marie Hayden said the commission was trying to get the hacked images taken off the website.
“We’ve been in touch with, and are now working with, our international counterparts on this issue,” she said in an email. “We fully support UK Information Commissioner Christopher Graham’s call for Russian authorities to take immediate action to take down the site.”
“As well, we plan to reach out to web camera makers to discuss the issue of defaults and webcams with remote access capabilities,” she added.
“We would also urge anyone with a webcam in their home or business to ensure that they take steps to secure the camera – make sure you are not using the factory default password.”
The hackers have preyed on IP cameras, which let users remotely monitor footage via a web address, said Greg Jones, spokesperson for the U.K.’s Information Commissioner.
To stream the live video, users must enter a password, and they often use the simple default code provided by the manufacturer: combinations like “pass” or “1234.”
To beef up their security, people should use passwords with a combination of upper- and lower-case letters, numbers, and characters like ampersands and plus signs.
“If you were to change your password from a default password, (your footage) would disappear off the site shortly afterward,” Jones said.
Authorities in Hong Kong were the first to be alerted to the site, he added, before passing on what they knew to their Australian counterparts, who informed Canada’s Privacy Commissioner.
“It was initially Hong Kong — Hong Kong to Australia, Australia to Canada, Canada to ourselves and then America as well.”
British authorities think the site may be hosted by a company with ties to the U.S., and are working with officials in that country to confirm.
with files from the Associated Press
RELATED:
Travel safety: Outsmart hackers on your smart phone
Ottawa warned about its vulnerability to hackers, lack of strategy
