Website Streaming Video from Hundreds of Unsecured IP Cameras
Recently news reports broke of a website posting video streams from a large number of unsecured IP cameras. Seriously creepy stuff.
Putting aside the white hat hacker debate and whether these guys were doing a form of public service or invading privacy, let’s look at the basic problem that’s been highlighted here. Users are setting up network video cameras, opening them to the internet and using ridiculously insecure passwords — in fact, most of the time using the manufacturer’s default password! According to reports, that’s all this website did is crawl the internet looking for easily accessible cameras while trying to login with the default passwords from popular manufacturers.
So what can users do? Well, the easiest thing is to make sure to change the default password provided with the camera. Also changing the default username from “admin” or “root” wouldn’t hurt either.
The second thing you can do is ensure you have the latest firmware for your cameras. Devices can have vulnerabilities, so getting the latest fixes from the manufacturer is a must.
You do those two things and your risk will drop instantly.
Also recognize that no device or system is hack-proof, so there’s always some risk. But if your cameras are pointed at your driveway or other relatively innocuous areas of your property, you will keep your privacy in-tact. If you are still uncomfortable then one answer is to simply not use one of these devices! I’m obviously not an advocate of that approach since I believe, with some basic privacy precautions taken, the risk is low and the benefits are high.