Creepy incidents with Nest cameras prompt password warning
Google has urged owners of Nest cameras to reset their passwords, following reports of hackers taking over the smart home devices.
In one incident last month, a family in Illinois had their home security system compromised by cyber criminals, who took control of connected Nest cameras to shout racial abuse through the device’s speaker at a couple and their baby.
“As I approached the baby’s room and stood outside, I was shocked to hear a deep manly voice talking to my 7-month-old son,” the victim told local media. “My blood ran cold.”
In a separate incident that same month, a Californian family received an emergency broadcast alert through their Nest surveillance camera that detailed three North Korean intercontinental ballistic missiles headed to the United States.
“It warned that the United States had retaliated against Pyongyang and that people in the affected areas had three hours to evacuate,” The Nest owner told The Mercury News.
“It sounded completely legit, and it was loud and got our attention right off the bat. … It was five minutes of sheer terror and another 30 minutes trying to figure out what was going on.”
Both incidents were the result of the Nest customers using compromised passwords that had been exposed through hacks on other websites, according to the Google-owned company.
In an email to customers this week, Nest Vice President Rishi Chandra blamed other security breaches for the issues, writing that people who used the same login credentials across multiple sites and services could fall victim to similar attacks.
To prevent further incidents, Mr Chandra gave security advice to customers on how to better protect the devices from cyber criminals.
“Even though Nest was not breached, customers may be vulnerable because their email addresses and passwords are freely available on the internet,” he wrote.
“If a website is compromised, it’s possible for someone to gain access to user email addresses and passwords, and from there, gain access to any accounts that use the same login credentials.”
The best way for a customer to avoid having the Nest camera hijacked is to use a strong and unique password, while also enabling two-factor authentication to add an additional layer of security, he wrote.
“While we continue to introduce additional security and safety features, we need your help in keeping your Nest account secure,” he concluded.
“It’s a great responsibility to be welcomed into your home, and we’re committed to keeping you and your Nest devices safe.”