New research from consumer advocacy organization Which? revealed that more than 100,000 wireless security cameras installed in U.K. homes and businesses are vulnerable to cyber threats. Security cameras manufactured by HiChip that use software like CamHi app, Accfly, ieGeek, and SV3C might allow attackers to spy, steal personal data, or even change the camera’s password, according to Which?
“Many of these potentially vulnerable cameras are still on sale from online marketplaces such as Amazon, eBay and Wish.com, and more than 12,000 were activated in UK homes over the past three months alone,” Which? said in a security alert.
According to Which? investigation with Paul Marrapese, a U.S.-based security researcher, more than 3.5 million security cameras worldwide are still vulnerable to cyber risks. It is found that a majority of these cameras are located in Asia, and over 700,000 cameras are active across Europe, including more than 100,000 in the U.K.
Security Issues with Unsecure Cameras
Security flaws that exist in the design of the cameras’ software allow an attacker to:
- Access the video stream of the camera to spy on homes
- Talk to people in homes if the camera has a microphone
- Steal or change passwords
- Find the exact location of a home
- Target other devices connected to a home network
- Add one’s camera to an online botnet
The Experiment
Which? stated that they made an experiment on five wireless security cameras namely – Accfly, Genbolt, Elite Security, SV3C, and ieGeek. The researchers claimed that they were able to compromise the devices remotely. It is estimated that around 47 camera brands globally could potentially have this security flaw, including 32 brands sold in the U.K.
According to Which?, the camera brands with potential vulnerabilities include Dericam, Alptop, Luowice, Besdersec, CPVAN, Ctronics, COOAU, Jennov, LEFTEK, QZT, and Tenvis. Which? also claimed that any wireless camera that uses the CamHi app could be compromised. It also advised users with a camera working on the CamHi app to remove from their network.
How to Protect your Security Cameras
Which? also suggested some protective measures to safeguard security cameras against potential risk. These include:
- Change passwords. Many wireless cameras have weak default passwords, such as “admin.” Set a secure password connecting three random words that you’ll be able to remember
- Keep your camera software updated. Not only does this keep your devices secure, but it often adds new features and other improvements
- If in doubt, disconnect it. If you don’t use the feature that lets you remotely access the camera from your phone or tablet, it’s recommended that you disable it.