PEOPLE could be watched in their own homes or at work with hackers targeting household webcams and uploading live footage to the internet, the UK’s privacy watchdog has warned.
The Information Commissioner’s Office (ICO) has urged people to upgrade their passwords after a Russian-based website was found to be accessing cameras in everything from CCTV to baby monitors.
The website is thought to feature live feeds from homes and businesses across the UK, including a gym in Manchester, a bedroom in Birmingham, and an office in Leicester.
With an estimated 350,000 such cameras sold in the country last year, the ICO warned that those without password protection or with weak passwords could be vulnerable to hackers.
Simon Rice, ICO group manager for technology, said: “The website, which is based in Russia, accesses the information by using the default login credentials, which are freely available online, for thousands of cameras.
“The footage is being collected from security cameras used by businesses and members of the public, ranging from CCTV networks used to keep large premises secure, down to built-in cameras on baby monitors.
“This is a threat that all of us need to be aware of and be taking action to protect against.”
Many people use webcams to monitor their homes remotely while they are away, viewing the footage over the internet.
But Mr Rice warned: “The ability to access footage remotely is both an internet cameras biggest selling point and, if not set up correctly, potentially its biggest security weakness. Remember, if you can access your video footage over the internet, then what is stopping someone else from doing the same?
“You may think that having to type in an obscure web address to access the footage provides some level of protection. However, this will not protect you from the remote software that hackers often use to scan the internet for vulnerable devices. In some cases, insecure cameras can be identified using nothing more than an internet search engine.
“As a last resort, you can always cover the lens if you don’t want to use the camera all of the time.”
Information Commissioner Christopher Graham told the BBC there were 600 UK feeds and there were international efforts to tackle the site.
“It’s spooky,” he said.
“They scan the internet and track down feeds. There are 600 in the UK and that is nothing - there are 5,000 in the States. We were alerted to it by our colleagues in Australia and Canada. It’s all over the place.”
He added had the website been based in the UK it would be illegal, breaching the Data Protection Act, but said the issue needed a “global response”.
Emma Carr, director of Big Brother Watch, said: “Few people would leave their front doors unlocked, yet failing to password protect your devices carries the same risks to both their privacy and security.
“As the capability of these devices becomes increasingly sophisticated, it is inevitable that users will inadvertently expose themselves and their lives to hackers. This warning from the ICO should come as a timely wake up call that the public need to start educating themselves about the technology they are bringing into their homes and how to keep it secure.”