Russia hacking site spying webcams worldwide: Britain

November 20, 2014

Hackers have accessed household webcams, baby monitors and CCTV cameras with footage appearing online on a website in Russia, Britain's privacy watchdog warns
Britain's privacy watchdog on Thursday called on Russia to take down a site showing hacked live feeds from thousands of homes and businesses around the world and warned it was planning "regulatory action".

The Information Commissioner's Office (ICO) said that hackers were taking advantage of devices like CCTV cameras and remote-access baby monitors without security protection and with weak passwords.

"I want the Russians to take this down straight away," Christopher Graham, the information commissioner, told BBC Radio 4's Today programme.

"We've known about this for about 24 hours but we've been working out how best to deal with it because we want to take regulatory action," he said.

Graham said that the first reports about the website, which is registered in "an offshore territory administered by Australia", came from Macao and Hong Kong, then Australia and Canada.

Britain is now planning "very prompt action" with the Federal Trade Commission, the US consumer protection agency, "to get this thing closed down", he said.

In Britain, the ICO said around 500 feeds had been targeted, including a gym in Manchester, a house in Birmingham, and an office in Leicester.

"The website, which is based in Russia, accesses the information by using the default login credentials, which are freely available online, for thousands of cameras," said Simon Rice, ICO group manager for technology.

"The footage is being collected from security cameras used by businesses and members of the public, ranging from CCTV networks used to keep large premises secure, down to built-in cameras on baby monitors," he said.

Data watchdogs across the world have already drawn attention to the site, which is hacking 4,591 cameras in the US, 2,059 in France and 1,576 in the Netherlands.

"We've got to grow up about this sort of thing. These devices are very handy if you want to check your child is ok and the shop's alright but everyone else can access that too unless you set a strong password," Graham said.

"If you value your privacy, put in the basic security arrangements."

Explore further: White House backs use of body cameras by police

Related Stories

White House backs use of body cameras by police

September 16, 2014

Requiring police officers to wear body cameras is one potential solution for bridging deep mistrust between law enforcement and the public, the White House said, weighing in on a national debate sparked by the shooting of ...

FTC settles complaint over hacked security cameras

September 4, 2013

The government is settling with the marketer of Internet-connected home security cameras after feeds from consumers' homes—video from baby monitors and home security systems—were posted online for public view.

Russian hackers stole 1.2 bn passwords (Update)

August 5, 2014

Russian hackers stole 1.2 billion Internet credentials from major US companies and others around the world in what is likely the biggest data breach ever, security researchers said Tuesday.

Uninvited access to security camera systems pinned down

January 29, 2013

(—A digital video recorder (DVR), used in homes and businesses for security, is helpful when not in the hands of criminals, The latter scenario is what is rattling some security blog and Forbes readers, with the ...

Hackers target CEOs in 'Darkhotel' scheme

November 10, 2014

Hackers have developed a scheme to steal sensitive information from top executives by penetrating the Wi-Fi networks of luxury hotels, security researchers said Monday.

Connected devices in smart homes have control issues

April 3, 2014

( —Smart homes are growing smarter. But it all depends on how you define "smart." Smart, as in connected to the Internet, or smart as in a well-planned architecture of intelligent gadgets that can be managed optimally? ...

Recommended for you

EPA adviser is promoting harmful ideas, scientists say

March 22, 2019

The Trump administration's reliance on industry-funded environmental specialists is again coming under fire, this time by researchers who say that Louis Anthony "Tony" Cox Jr., who leads a key Environmental Protection Agency ...

Coffee-based colloids for direct solar absorption

March 22, 2019

Solar energy is one of the most promising resources to help reduce fossil fuel consumption and mitigate greenhouse gas emissions to power a sustainable future. Devices presently in use to convert solar energy into thermal ...


Adjust slider to filter visible comments by rank

Display comments: newest first

5 / 5 (2) Nov 20, 2014
I'd worry about more than simply covering up the lens. Given unfettered access, can an intruder induce the webcam to update its firmware in some way? Maybe overwrite a bit of it through some vulnerability? Thus gaining a foothold to launch attacks against other parts of your infrastructure?
1 / 5 (1) Nov 21, 2014
Saying the site it hacking is overstating what is actually happening. Many cameras are broadcasting with no security at all so there is nothing to hack. Accessing cameras through their default passwords could be described as hacking but only on a level that requires basic computing skills. They are not using anything more than default passwords so users that understand that they need to change them are perfectly safe from this site.

Too many people allow open access to the home or small business networks through not correctly configuring devices. Wifi access points without passwords are the biggest hole left by users that don't bother to read the instructions.

Everyone needs to be better educated in the devices that that own and it is particularly important at a time when buzzwords like smart house, smart appliances and smart TVs are common. All need to be properly configured to avoid creating a massive privacy risk.
Da Schneib
not rated yet Nov 21, 2014
Actually you can probably put up a NAT and stop pretty much everything; you can get one for $50 or less, these days. If you're really worried get a stateful packet inspection (SPI) firewall; they're available for $100 or so.

I think these are getting pretty automated; I pulled down a few manuals for ones that were in the right price range, and setup looked easier than it used to be.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.