The smart security camera is a great device for keeping an eye on our homes, whether for package deliveries, critters searching our garbage cans, or intruders snooping around our homes. But an Internet-linked camera without robust security might be an easy target for hackers, potentially allowing a stranger to spy on your home.
According to the 2021 Statista Global Consumer Survey, 28 percent of U.S. consumers are worried that hackers could spy on them via their smart home devices.
Last year in March, a hacking group claimed they breached a massive trove of security-camera data collected by Silicon Valley startup Verkada Inc., securing access to live feeds of 150,000 surveillance cameras inside Tesla factories and warehouses, Equinox gyms, Cloudflare offices, hospitals, jails, schools, police departments, and Verkada’s own offices.
Methodology to Hack Security Cameras
The common way to hack security cameras is through a technique called “credential stuffing.” Malicious actors employ usernames and passwords from other data breaches to secure access to accounts. The combination of large data breaches, such as those at Equifax and Target, and individuals reemploying the same password across multiple online services make the job easy for intruders.
Earlier this year in January, New York Attorney General Letitia James reported that the credential stuffing scheme compromised more than 1.1 million accounts in cyberattacks at 17 well-known firms. These included online retailers, restaurant chains, and food delivery services.
This type of hack doesn’t need to infiltrate a firm’s security camera system, so every brand is at risk. “These companies aren’t technically at fault,” stated Fred Garcia, who manages CR’s privacy and security testing for home security cameras. “Most companies offer a two-factor authentication system that acts as an extra deterrent against attacks like this. But there is more that these companies could do, like encouraging people to use that added security feature by default.”
The other sophisticated technique employed by hackers is the modification of security camera settings. Sneaky hackers won’t want you to know they’re in your network, hence, they’ll quietly change your password. Some overconfident hackers might even alter your camera name to “Change your password” or “Upgrade your firmware” as a sign of mockery and disrespect.
How to Safeguard Your Privacy
While no system is impervious to cyber attacks, some safety measures can mitigate the risks of being hacked and safeguard your privacy in the case of a hack.
• Employ cameras from reputable manufacturers, whether they are part of a professionally monitored security system or a DIY device.
• Keep your camera’s firmware up to date.
• Use security cameras with high-level, end-to-end encryption.
• Use complex passwords that cannot easily be guessed (in particular, avoid using passwords you already use for other online accounts).
• Employ two-factor authentication.