STE WILLIAMS

Top 5 reasons to deploy VMware with Tegile

UK data privacy watchdog the ICO is warning people to secure their web cams and change default passwords.

The warning follows the creation of a website that allows voyeurs to watch live footage from insecure cameras located around the world. The website, which is based in Russia, accesses the information by using the default login credentials, which are freely available online, for thousands of cameras.

Steamed footage available through the site ranges from live footage from CCTV networks to built-in cameras from baby monitors. The footage is largely available because consumers and businesses alike are failing to change default passwords.

The particular site – insecam.cc – at the centre of the security flap claims it has been set up order to show the importance of the security settings. “To remove your public camera from this site and make it private the only thing you need to do is to change your camera default password,” it states.

Insecam claims to offers feeds from IP cameras all over the world. Whether or not it violates any security and privacy laws has been a matter of some debate. Irrespective of that, it seems unlikely that Russian authorities will move to shut down the website anything soon. And even if they do, it might easily pop up in another jurisdiction.

David Emm, principal security researcher at Kaspersky Lab, commented: “The fact that a website is able to stream footage from thousands of cameras, illustrates the risks that consumers are taking by not changing the default passwords on camera enabled devices. It only takes a minute to change a password, and the longer it is left unchanged, the greater the chance that the device will be compromised.”

A related threat means that malware on computers can turn PCs into tools for online Peeping Toms. This is a very real threat as evidenced by a number of successful prosecutions. Perverts typically use surreptitiously captured images or footage in attempts to blackmail victims into handing over more explicit images.

“The problem’s not just restricted to IP devices, but to any device that has a connection to the Internet. This includes devices that connect via a home router, such as baby monitors or webcams. It also includes mobile devices too,” Emm added.

A blog post by the ICO provides a list of simple steps that guard against internet-connected webcams being hijacked. There are three main steps: change default passwords, check all the available security settings, and secure all of your other devices with an internet connection. ®

Remote control for virtualized desktops

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2014/11/20/insecure_webcam_peeping_tom_threat/