How 'home hackers' spy on you and your children... with YOUR webcam: The shocking evidence that shows how private lives are snooped on and streamed live on web
A MAIL ON SUNDAY investigation can reveal that 'home hackers'
are easily able to spy on people going about their daily lives through
cameras designed to improve their security. During a two-hour period
last week we watched an internet website - available to anyone in the
world - and saw footage including babies in cots, centre, a schoolboy
playing on his computer in north London, bottom right, an elderly woman
relaxing in a chair, top right, and a child asleep in bed, left.
How 'home hackers' spy on you and your children... with YOUR webcam: The shocking evidence that shows how private lives are snooped on and streamed live on web
- Investigation reveals 'home hackers' are spying on people through webcams
- Vulnerable devices include baby monitors and domestic security cameras
- 350,000 such cameras are bought every year in the UK by individuals
- Many fail to change the default passwords leaving them open to hackers
- Experts say thousands may not be aware hackers are able to spy on them
Security
camera footage from inside homes, offices and shops across Britain is
being intercepted and broadcast live on the internet – without the
owners’ knowledge.
A
Mail on Sunday investigation can reveal that ‘home hackers’ are easily
able to spy on people going about their daily lives through cameras that
were installed in homes to improve security.
During
a two-hour period last week we watched an internet website – available
to anyone in the world – and saw footage from British locations of:
Scroll down for video
A baby in her cot: These personal webcam images were all easily accessible online last week
- Babies in cots
- A schoolboy playing on his computer at home in North London
- Another boy asleep in bed
- The inside of a Surrey vicar's church changing room
- An elderly woman relaxing in an armchair
- Two men in a kitchen sharing a meal
If
you have installed a camera of the type that can be hacked in this way,
you could be being watched now. Vulnerable devices include baby
monitors, domestic security cameras and CCTV units that monitor offices,
shops and factories. Hacking can be prevented simply by changing the
factory-set default security codes that every camera comes with.
Last
night Liberal Democrat MP Julian Huppert, who sits on the influential
Home Affairs Committee that scrutinises internet crime, said
manufacturers had to do more to protect customers.
‘It’s absolutely shocking. We should get the companies which sell this to force customers to change default passcodes,’ he said.
‘This should be a wake-up call to anyone who has a camera in their home or business.’
Some
350,000 individuals and businesses buy such cameras every year in the
UK and many fail to change the default passcode – leaving them exposed
to hacking.
A
large number of buyers will be parents who use the devices to monitor
babies and young children. They will be horrified to learn that footage
they assumed could be accessed by them alone has, in some cases, been
made available by hackers for the world to see.
A young child asleep: Parents using home security cameras often fail to reset factory setting codes
An old lady relaxing: Not resetting passwords makes it easy for hackers to seek out and broadcast live film on the internet
Our
investigation found that nearly 60,000 hours of live feed from UK
surveillance cameras can be viewed every day on one website alone.
As well as raising a number of security concerns, experts said it also represented an appalling invasion of privacy.
Professor
Alan Woodward, a cyber security specialist, said: ‘The really scary
thing is that people buy these cameras for their own security. But they
have no idea that thousands of people might be spying on them at any one
time.’
Much
of the footage is mundane and reflects the enormous growth in home
security systems, but there are also huge amounts of live feed from
offices, restaurants, bars, swimming pools and gymnasiums.
Cashiers
and hotel receptionists are observed in close-up from cameras fixed to
walls behind them; there is footage from inside a London hair salon;
women can be seen having their nails manicured in Eastleigh, Hampshire;
and another stream shows men lifting weights in a Manchester gym.
Technology
expert Shawn Day said there was worrying potential for the footage to
be exploited by criminals. He said: ‘There was one camera in an office
and I could actually read the screen of the computer where they could be
entering private information such as passwords, but it’s fully
displayed to the world.
‘It’s
not just the creepy feeling that you are being seen, which is the main
concern, it’s also the content of what is being seen. We’re talking
about financial information, private information – exactly the sort of
stuff the camera is designed to protect, but is doing the opposite.’
Many home webcams, such as these, are easy targets for hackers, and 350,000 are bought in the UK everyday
The
Mail on Sunday was able to watch footage showing scores of people
inside their homes, who were oblivious to the fact that they were being
observed.
Many
cameras were fixed on babies and small children sleeping in their beds.
There was also close-up footage of an elderly lady relaxing in
Aberdeen. Another camera in a London home filmed a schoolboy texting on
his mobile phone. A man in Crawley was seen on a sofa with a cup of tea,
with family photographs on the wall behind him.
In the past there have been some incidents of computer hacking to seize control of built-in webcams.
That
process is called ‘ratting’, as the hackers send out a virus that
allows them access to a person’s desktop computer or laptop without
their knowledge.
But
we discovered that the hacking of stand-alone security cameras – IP
(Internet Protocol) cameras – is a much simpler process and more
widespread. Most cameras that connect to the internet come with a
default username and password which most people do not realise they can –
and must – change.
If
owners fail to do so, their live feed, which they can access from
smartphones, could also be picked up by hackers who scan addresses on
the internet until they find an exposed IP camera. Experts fear large
numbers of such cameras are vulnerable to hacking.
The Mail on Sunday visited a travel company, pictured, which had no idea its security camera images were being streamed online
Our reporter, right, showed staff how their meeting was being shown live on the internet
A computer showing the reporter waving
at the camera after revealing to the office workers that their footage
was available online
The
hackers then input a number of commonly used default passwords until
they gain access. Finally they stream the results on to their own
websites for all to see.
For
security reasons, the hacking website is not being named by The Mail on
Sunday. The site keeps the exact locations of the cameras deliberately
vague, providing only names of cities and towns.
During our investigation we discovered footage being beamed from a travel agent’s office in London.
Our
reporter visited the office to alert the owner, who had no idea his
daily business was being broadcast to the world. As our reporter helped
him log on to the hackers’ website, staff at The Mail on Sunday’s office
we were also monitoring it.
We saw the reporter walk into the shop and explain that the six CCTV cameras had been hacked.
Our reporter waved at the camera and the businessman was astonished to see it broadcast on his computer.
The
shop could easily be identified to any criminal watching because one of
the hacked cameras partially revealed its address on a hoarding.
‘This
is absolutely appalling,’ said the manager, who asked not to be named.
‘The system was installed three months ago and they didn’t tell us
anything about passwords. I can assure you they will be changed.’
His
cameras were manufactured by China-based Hikvision, which insisted last
night that it does ‘everything possible’ to warn of the need to change
default passwords.
In
another case, we identified a house in Southend, Essex, because the
Hikvision cameras at the property – fixed on the drive, back door and
side gate – included the owner’s name and address on screen.
The
owner said: ‘We got these cameras to try to keep our property safe but
we never imagined that people are looking at our house and what we’re
doing. Burglars could see when we’re out.’ After being alerted, the
travel agent and homeowner both changed their passwords. Their footage
is no longer available online.
Many of the hacked cameras used by parents are made by another Chinese company, Foscam.
A
spokesman said it was aware of hacking and will now ‘force’ users to
change passwords. It is not clear who is behind the hacking website, but
The Mail on Sunday established that it is ‘hosted’ by a company called
MediaNet based in the Moldovan capital, Chisinau.
A
spokeswoman said: ‘We were not aware of this. Thank you for letting us
know.’ She could not say what action, if any, would be taken.
Tony
Neate, of the Government’s Get Safe Online campaign, said: ‘The most
important thing to take away from this is how important it is to change
the default password on the device. Camera instruction manuals should
explain how to do this, and if not, then you should contact the
manufacturer for guidance.’
It
is unclear what can by done by police, who have spent more than £20
million investigating phone hacking. The National Crime Agency said: ‘It
is vital that individuals and businesses take all possible steps to
protect themselves from having personal or financial information
compromised, making sure operating instructions are followed, security
software is up to date, and passwords are strong and regularly changed.’
- Information on staying safe online can be found at cyberstreetwise.com and getsafeonline.org.
COPY http://www.dailymail.co.uk/
Nenhum comentário:
Postar um comentário