Singapore home cams hacked: Are web and mobile cameras secure?

---

SINGAPORE - How secure are home surveillance cameras from hackers? Are homes also letting in unwanted prying eyes with so many people having virtual meetings and leaving their laptop cameras turned on while at home?

 

These questions have surfaced after surveillance camera footage from Singapore homes showed up on pornographic sites, showing people in various stages of undress or compromising positions.

 

The Straits Times' Tech Editor Irene Tham answers the top five concerns surrounding web cams.

 

1. How secure are home surveillance cameras from hackers?

These so-called Internet of Things (IoT) or connected devices have contributed to the growing IoT nightmare simply because the rules surrounding how they are being protected in cyberspace are lax.

 

Searches on online e-commerce platforms such as Shopee, Lazada and Qoo10 show that most of these cameras are unknown brands from Chinese manufacturers.

 

Most of the devices have these problematic settings:

• Default password or no password
• Images stored on a cloud platform on the Internet that may not be properly secured
• No option for users to store their images on their own Google Drive or removable storage hardware.

 

Home users who do not know any better buy these cameras because they are cheap and easy to install.

 

Some companies are also known to have installed these cameras as they are cheap, but there may be a price to pay when the data is leaked.

 

2. What should people look out for when buying surveillance cameras?

Users should be cautious when selecting what to buy. Choose a camera from reputable sellers, and select a product that lets the user set his own password. Do not use the default password that comes with the product.

 

Users can also look forward to new cyber security labels - similar to energy labels - that rate the security of IoT devices like surveillance cameras to help them decide what to buy.

 

The voluntary scheme, pioneered by the Cyber Security Agency of Singapore, has just been launched for Wi-Fi routers and smart home hubs.

 

The labelling scheme will soon cover more IoT devices,with more details in the months to come.

 

There are four levels in the scheme, each represented by an asterisk. One asterisk means the product allows users to set their own password and comes with security software updates.

 

Two asterisks means the product also has appropriate security tests conducted by the manufacturer.

 

Three asterisks and above means there are stricter requirements including certification by a third-party cyber security laboratory.

 

3. Are homes letting in unwanted prying eyes with so many people having virtual meetings and leaving their laptop cameras turned on while at home?

Users should exercise caution. The simple solution is to paste a sticker over the web camera on the laptop when the camera is not in use.

 

Most laptops have operating systems with baseline security features - including user access and password management - already enabled. Most work computers also have additional security software, including virtual private networks and anti-virus scanners.

 

Thus, laptops are not easy to hack into unless users click freely on links embedded in e-mails that take them to dodgy websites where malware can be found.

 

If malware has already infected a computer, camera images will not be the only data compromised. One's files and online transactions including banking passwords will also be at risk of being stolen.

 

4. Are smartphone or tablet cameras as vulnerable to hacking as surveillance cameras?

Like laptops, the operating systems of most smartphones and tablets come with baseline security features and privacy settings.

 

Chinese smartphone and laptop makers have also developed "hardened" or secured operating systems.

 

But many news reports have cited United States officials and experts claiming that Chinese device makers insert secret backdoor programs to allow text messages, e-mails and images to be sent to China.

 

It is not known if the data is for advertising or for foreign surveillance purposes.

 

5. How should smartphone and tablet users protect themselves?

If users are afraid of being spied on, they should watch what they download.

 

Many mobile apps seek access to swathes of sensitive information, such as users' online and social media identities and location. Some apps even seek access to microphone and camera functions.

 

Smartphone leaks, if they occur, are most likely through dodgy or poorly-secured mobile apps.

 

Users should also make it a point not to click freely on links embedded in e-mails and instant and text messages that take them to websites where malware can be found.

 

Source: The Straits Times © Singapore Press Holdings Limited. Reproduced with permission.

---

ALL views, content, information and/or materials expressed / presented by any third party apart from Council For Third Age, belong strictly to such third party. Any such third party views, content, information and/or materials provided herein are for convenience and/or general information purposes only. Council For Third Age shall not be responsible nor liable for any injury, loss or damage whatsoever arising directly or indirectly howsoever in connection with or as a result of any person accessing or acting on any such views, content, information and/or materials. Such third party views, content, information and/or materials do not imply and shall not be construed as a representation, warranty, endorsement and/or verification by Council For Third Age in respect of such views, content, information and/or materials.