Irish webcams hacked and collated on Russian website

Feeds include footage from CCTV cameras and baby monitors inside homes

A Russian website has been found to be allow people to watch live footage from insecure cameras across the world. Photograph: Getty Images/iStockphoto
A Russian website has been found to be allow people to watch live footage from insecure cameras across the world. Photograph: Getty Images/iStockphoto

A Russian website has been found to be hosting hundreds of feeds of live footage from inside Irish homes and businesses, which have been accessed by hacking into people’s webcams.

The site lists streams from more than 250 countries and other territories. Its database shows listings for 4,591 cameras in the US, 2,059 in France and 1,576 in the Netherlands.

The feeds include footage from CCTV cameras and baby monitors. There are thought to be about 50 from Ireland including a child’s cot in Co Meath, a play room in Co Dublin, gardens in counties Louth, Limerick and Waterford, and the insides of a number of homes.

The UK-based Information Commissioner’s Office (ICO) yesterday issued a warning that people should ensure security arrangements on electronic devices are robust.

READ SOME MORE

ICO group manager for technology Simon Rice said the danger of using weak passwords has been “exposed again” this month after the new website was launched.

He said it allows people to watch live footage from insecure cameras across the world. The website accesses the information by using the default login credentials, which are freely available online, for thousands of cameras.

The footage is being collected from security cameras used by businesses and members of the public, ranging from CCTV networks used to keep large premises secure, down to built-in cameras on baby monitors.

“If you take only one security step when getting any new device, make sure it’s setting a strong password,” said Mr Rice.

“When you begin using your camera you may be given a simple default password that you’ll need to enter to get the device working. This might be blank or something as simple as ‘password’ or ‘12345’ but, even if it isn’t, the default passwords many manufacturers use are freely available online so make sure you get it changed. If the device doesn’t have a password, then, as a bare minimum, you should set one up.”

UK Information Commissioner Christopher Graham said he wanted to “sound a general alert”, warning “there are people out there who are snooping”.

He told the BBC: “It’s got more than 500 UK webcams where there is a facility for remote access to check what’s going on in the shop, what’s going on at home, how’s the baby.”

When asked about a feed that appeared to show a child in its bedroom, Mr Graham said: “It is spooky. But after all, it is the responsibility of the parents to set a proper password if you want remote access.”

VM Forensics chief executive Vivienne Mee, an expert in fraud investigation and cyber crime, said the feeds had been hacked in order to scaremonger.

“It could be to do with industrial espionage,” she said. “But I honestly believe it’s just scaremongering. Groups of hackers just like to show people they can get in, and I’d say it was one of them.”

Colin Gleeson

Colin Gleeson

Colin Gleeson is an Irish Times reporter