Security service warns smart cameras and baby monitors could be accessed by criminalsDan Kamashu
Cyber criminals could access smart cameras and baby monitors if left unsecured, warns the National Cyber Security Centre.
Criminals could even access baby video monitors
The National Cyber Security Centre (NCSC) has warned owners of smart cameras and baby monitors that cyber criminals could access these devices if users haven’t changed their default passwords.
In a joint announcement with the consumer group Which? the government agency responsible for cyber defence warned that live feeds from these cameras could be accessed by criminals.
This posed a privacy challenge in itself, but could also be used by thieves and criminals to assist them when performing burglaries or similar attacks.
To address the risk the NCSC encourages people to change their smart camera’s default password using the app they use to manage the device. They suggest connecting three random words together which you will remember.
NCSC has warned the public to update their devices
Users should also keep their cameras secure by regularly updating their security software, and if they do not use the feature which allows them to remotely access the device from the internet, to disable it.
Speaking to Sky News last year, the then digital secretary Margot James said the government was prepared to force manufacturers and retailers’ hands when it comes to selling insecure internet-connected devices.
Ms James warned consumer privacy and security was “at risk” because of flaws in security standards in internet of things (IoT) devices.
The issue is likely to grow as more consumer IoT devices – everyday objects connected to the internet which can communicate with each other over the web – become part of the average British household, Ms James added.
This January, the government announced plans to bring in laws which would make manufacturers of smart devices adhere to three rules:
- All consumer internet-connected device passwords must be unique and not resettable to any universal factory setting
- Manufacturers of consumer IoT devices must provide a public point of contact as part of a vulnerability disclosure policy, so anyone can report a vulnerability
- Manufacturers of consumer IoT devices must explicitly state the minimum length of time for which the device will receive security updates at the point of sale, either in store or online
Smart cameras could be accessed by cyber criminals
The digital infrastructure minister Matt Warman said: “We are working hard to make the UK the safest place to be online and want everyone to have confidence in their connected devices.
“I recently announced new laws to improve the security standards of internet-connected household products which will hold companies manufacturing and selling these devices to account.
“I urge everyone who owns a smart product to follow the NCSC guidance to make sure their device is secure.”
Caroline Normand, Which? director of advocacy, added: “Which? has repeatedly exposed serious security flaws with devices including wireless cameras and children’s toys.
“Mandatory security requirements and strong enforcement that ensures manufacturers, retailers and online marketplaces are held accountable for selling unsecure products is essential.
“Until new laws are in place, it is vital that consumers research smart device purchases carefully, and follow guidance to ensure their devices are protected by strong passwords and receiving regular security updates to reduce the risk of hackers exploiting vulnerabilities,” she added.
Creative Commons Disclosure
About Mandatory Compliance
Mandatory Compliance is the leading UK provider of CPDUK accredited healthcare and social care training courses, e-learning programs and Ofqual approved qualifications.
Click on the links below to find out more about our accredited e-learning courses and qualifications:
- Business Administration
- Charities and Volunteers
- Child Care Services
- Clinical Commissioning Groups
- Clinical Governance
- Clinical Skills Development
- Corporate Governance
- CQC Compliance
- Education and Training
- Equality and Diversity
- FE Colleges And Universities
- Finance Management
- Health and Safety at Work – Online Training Courses
- Health & Social Care
- Health Law and Ethics
- Human Resource Management
- Information Governance (GDPR)
- IT and Technology Management
- Leadership and Management
- Local Authorities
- Long Term Conditions
- Mental Health Awareness
- Primary Care Services
- Public Health
- Research and Development
- Risk Management
- Safeguarding People at Risk
- Sales and Marketing
- Statutory Mandatory Training
- Work Skills and Development
- Workforce Development.
Contact our Support Team on 02476100090 or via Email for more courses relating to the Care Quality Commission (CQC) and other regulatory compliance requirements.