It was very nearly the worst-case scenario for Arizona real estate agent Andy Gregg when a hacker accessed his Nest security camera, and spoke to him through its built-in microphone.
The instance is a reminder that all of us with security cameras, particularly wireless security cameras, should make sure we’re doing everything we can to ensure they’re absolutely secure from outsiders.
Watch the scary conversation as the researcher talks to Gregg:
(Source: The Arizona Republic)
Fortunately for Gregg, his hacker was a white hat – a hacker that finds weaknesses or entry points in online security systems, and informs people about them so that more malicious hackers, known as black hat hackers, can’t use them.
This hacker used a bit of theatricality to let Gregg know his camera was easy to access, particularly since Gregg used a single password for multiple websites in addition to his camera. But it was a kind warning that gave Gregg a chance to better protect himself. Many other people don’t, or won’t, get that luxury.
After the incident, Nest released a statement confirming that leaks of passwords from other companies and websites made it possible for people other than camera owners to access Nest cameras. However, this incident doesn’t have to be the norm. There’s a lot people can do to keep their security cameras from being accessed by hackers, and most of it is very simple. Read on for the easy steps that will keep your wireless security camera, and therefore you and your family, safe from hackers.
Set passwords on your cameras—and a second authentication
One of the first, most important things you can do to protect your wireless security cameras is make sure you have a password set on the camera. Some models come with a default password, so make sure you change to something you’ve devised yourself, and if your password protection wasn’t activated in your initial setup, put one on now to protect your camera and you from people who might want access.
As we see from the Gregg story though, you need to make sure this password is unique — don’t use the same password you use for anything else, particularly not online accounts. It’s good to make your password 6 characters or longer, and to use combinations of upper- and lowercase letters to make it harder to guess too. And consider changing the password every few months, just to make it harder to guess over time.
If your camera also allows you to have a second form of authentication on top of your password too, also known as two-factor authentication, make sure you use that. The second of the two-factor authentication will protect your camera if your password is guessed or obtained.
These second factors might be text messages where you confirm or deny that you’re the one logging in, or phone calls, or emails. If you’re not sure if your security camera offers a two-factor authentication, call the manufacturer and ask. If it turns out they don’t have it, perhaps consider getting a new camera that does to ensure the security.
Update your camera’s firmware
Firmware is permanent software in an electronic device that provides low-level control over a device’s hardware. When firmware gets updated, it changes how a device operates, generally improving how things work, and occasionally allowing a system to get some new, better functions.
It’s important to keep your firmware up to date in your wireless security cameras. With up-to-date firmware, your cameras work better, and have any vulnerabilities manufacturers found in tests or from white hat hackers addressed and patched. You can usually update the firmware in your cameras by going to the manufacturers website on a computer or tablet.
A small note to go with this tip: if you got your cameras cheap, and they don’t come with technical support, your firmware won’t ever be updated. This means hacking vulnerabilities will remain unaddressed, so it might be worth investing in more expensive cameras where manufacturers make sure things remain secure and high-functioning.
Encrypt your devices
Many wireless security camera manufacturers are aware that because their devices are wireless, they’re more vulnerable to hackers and hacking attempts. To combat this, many have made their cameras with encryption features, allowing the devices to encrypt SSL/TLS communications, and WPA2 connections. If you have these advanced security features, activate them in your wireless cameras. If you’re on the market for new cameras, make sure they come with these encryption capabilities so it’s harder for hackers to communicate with your devices.
If your camera doesn’t encrypt on its own, you can at least encrypt your wireless network yourself. Depending on the router you connect your security cameras to,
there are different ways to turn on WPA2 encryption, but all current routers can be set to WPA2 security levels that will encrypt your internet usage for your wireless security cameras, and your other devices.
As a general rule, you can set your router to self-encrypt by accessing your router’s wireless settings. Get to those settings by typing your IP address into your web browser, and clicking on the Wireless Settings tab or button. Once you’re in the settings, make sure your router is set to WPA2, not WPA or WEP. Once you’re on WPA2, your router will automatically encrypt data going in and out of it, allowing you to be sure hackers aren’t secretly accessing your camera feed, keeping you safer.
Limit access to your cameras
The more devices that can connect to your wireless security cameras, the more potential entry points hackers have to the devices. Try to only access your cameras from your personal computer or laptop, or maybe only your phone if you can. The fewer devices that know the passwords and steps to get in, the fewer chances hackers have of reaching your feeds.
To limit access to your wireless cameras, you also have to limit access to your wireless networks. If a neighbor knows your router password and gets Internet from you, they could access your wireless cameras on that network. Keep your router password to yourself, and make sure it’s a unique, slightly elaborate password to keep from being hacked.
Also make sure it’s hard to physically access your cameras. You don’t want someone to be able to reach the devices without your knowledge, and be able to mess with the hardware and access them. This might mean keeping your cameras indoors and facing out, if you’re looking to keep an eye on your yard, and it might mean keeping indoor-viewing cameras in hard-to-reach places if they can’t be completely hidden.
Keeping your security cameras difficult to access in person, and over wireless networks will keep them more secure, and therefore let them do their job of keeping you secure.
As you can see, it’s not difficult to limit access to your cameras, or follow any of these tips to keep your wireless cameras safe. So don’t let Andy Gregg’s experience keep you from using wireless cameras; just be safer in how you use yours! You’ll keep yourself safer overall when you do.