If you think you might go on holiday more serene because you have installed a surveillance camera connected, think again: hackers can access the data on these devices by intercepting Wi-Fi signals. According to a study from Queen Mary University of London and the Chinese Academy of Science criminals can hack into connected objects of security, precisely in order to know when the occupants are at home or absent.
Monitor the presence of occupants in interpreting the data of the motion detection
Surveillance cameras high tech for individuals are massively popularized in recent years. Once considered a luxury item, these cameras are now commonplace in homes around the world: the Nest Cam Google or the Ring of Amazon are a few examples of devices that may be hijacked by criminals, in a global market expected to reach $ 1.3 billion by 2023.
To divert the cameras to prepare robbery, the criminals do not need access to the video images, which is often encrypted. The study, which analyzed a data set covering 15.4 million of flows from 211 000 active users and containing a mix of users and free premium, reveals that online traffic generated by the cameras is often triggered by movement. It is therefore sufficient to monitor the flow of information transmitted by the cameras, to infer whether a house is occupied or not. If the camera does not transmit any data during the entire day, this may indicate the owner is absent (or immobile). If the flow fi is associated with the data address, then the home is potentially vulnerable.
A precise monitoring of the habits of the occupants
Without even having access to the images, the attackers can know very accurately the habits of the occupants of a house. For example, a camera regularly downloading a video triggered by a motion to 18 hours may indicate that the members of the family arrive at the house at that time.
Researchers have even discovered that on the basis of the historical traffic is generated by the camera, it is possible to predict the activity of the owners of a home in the days or weeks that come, and know when the house will be unoccupied to organize a burglary.
Burglars could even distinguish different types of movements such as sitting or running, simply by looking at the speed at which the cameras have downloaded data via the Internet.
A study revealing serious security flaws
This is the first study that examines in detail the traffic of video streaming generated by these cameras and quantifies the risks that are associated with it. To professor Gareth Tyson , who is part of the research team, consisting of this type of risks, the researchers will be able to propose ways to minimise them and to protect the privacy of the users.
Some tips to avoid hackers
It is necessary to first of all pay attention to passwords: many wireless cameras have weak passwords by default such as “admin”. By setting a password more custom and hard to guess, it avoids the need to create an opportunity easy to criminals.
It is also important to update his camera, to take advantage of new features and security improvements.
In case of doubt, unplug it or turn it off. If you do not use the feature that allows you to remotely access the camera from Internet, it is recommended to turn it off.