Owners of smart cameras, baby monitors and other Internet of Things products have been urged to help keep their devices safe by following three simple steps to boost cybersecurity – and making it more difficult for hackers to compromise them.
The advice from the UK's National Cyber Security Centre (NCSC) – the cyber arm of the GCHQ intelligence agency – comes as IoT security cameras and other devices are gaining popularity in households and workplaces.
However, these devices can bring additional risks to users, as insecure settings can leave IoT cameras open to hackers who could use them to snoop on what's going on, or even use the device as a stepping stone to hack into the rest of the network.
SEE: Cybersecurity in an IoT and mobile world (ZDNet special report) | Download the report as a PDF (TechRepublic)
But the NCSC's new guidance paper – Smart security cameras: using them safely in your home – sets out three things users can do to make it much harder for their IoT devices to be hacked or accessed without authorisation. They are:
1. Change the default password
Many IoT passwords come equipped with a default password that is either short and easy to guess, or the same default password is shipped with all the devices – meaning if the password for one device is leaked, it's also leaked for everyone.
The NCSC recommends that users change the password on the device – which is most commonly done by using the app used to monitor the device. The advice from the NCSC is to change the password to three random words and to avoid using anything in the list of the most commonly hacked passwords.
2. Apply software updates regularly
Users can go a long way to keeping the IoT camera secure by regularly applying the relevant software updates – which often not only add new features, but boost the security of the device. If possible, users should set the device to automatically install these firmware updates, so that the device is protected in the most up-to-date way possible – and without the user having to think about doing it by themselves.
SEE: Cybersecurity: Let's get tactical (ZDNet/TechRepublic special feature) | Download the free PDF version (TechRepublic)
3. Disable unnecessary alerts
If users don't need the feature that allows them to remotely view camera footage via the internet, the NCSC recommends disabling it; thus preventing hackers who might be able to gain access to the device from being able to snoop on the room the camera is in.
"Smart technology such as cameras and baby monitors are fantastic innovations with real benefits for people, but without the right security measures in place they can be vulnerable to cyber attackers," said Dr Ian Levy, technical director at the NCSC.
"These are practical measures which we can all take to help us get the most out of our home-based technology in a safe way," he added.
The advice from the NCSC comes shortly after the UK government proposed draft legislation for Internet of Things security that would mean device manufacturers would have to adhere to particular standards in order to sell products to consumers in the UK; however, it remains unclear how these rules will be enforced.