In the last few days it has emerged that a Russian website “Insecam” is watching more than 73,000 homes and businesses around the world through camera surveillance, including around 230 cameras installed in homes, offices, stores, among other places in Portugal.
The captured images without authorization are then shown on their site and are accessible to all site visitors. According to the media reports, citing managers of Russian portal, global exposure of thousands of surveillance cameras video aims to raise awareness with consumer camera manufacturers that devices without protection can be easily accessed.
At issue is a simple password that few users change when they buy a computer or a home video surveillance system based on the internet, that is, with an identifiable IP.
In this particular case, the Russian portal has disseminated images of cameras with the login “admin” and the password “12345”. These are often standard when equipment is purchased and should be changed by the user at the time of installation. The apparatus of brands Foscam, Panasonic , Linksys, AVTECH and Hikvision are among the most accessible.
Also according to the media, the Judicial Police are aware of this issue, which may constitute a crime of violation of privacy and electronic device, but cannot undertake any investigation, because the portal is owned by a company registered in Russia, headquartered in Moscow, where the servers work.
Comment
I have raised this with the Judicial Police concerning preventative advice.
This is a lack of serious breach of security and privacy for targeted users. I would advise owners of CCTV to contact their company responsible for the video surveillance system installation, to check whether access data to the digital video recorder and router needs to be changed. Passwords should not be left as they were when the equipment was supplied. If users installed it themselves then re-set the user ID and password asap.
Regarding notebooks with webcams – I WOULD STRONGLY ADVISE a simple measure to avoid it being remotely activated by hackers and that is to stick a “post-it” note over the camera on the notebook when not in use – that way people cannot look at you or your home.