Ever heard of the smart Nest security camera? Perhaps not, but if you’re one of the 11 million owners of Nest smart devices which connect to the home Wi-Fi network, it might be a good idea to take note of the following, if not for its curiosity value at least its implications.
- A California family were doing their usual Sunday afternoon things when a loud squawk came blasting out of the living room.
- This was followed immediately by a detailed warning about three North Korean intercontinental ballistic missiles headed to Los Angeles, Chicago and Ohio.
- The warning added that the United States had retaliated against Pyongyang and that people in the affected areas had three hours to evacuate.
It was sinister, scary and completely believable, according to Laura Lyons who received the warning.
Lyons and her husband were scared and confused while their terrified 8-year-old son crawled underneath the rug. Then the couple realised the dire warning was coming from their Nest security camera perched above the television.
After a few panicked phone calls the family realised their Nest camera had been hacked and the miscreants who sent the message of doom were also probably watching them, and most likely rolling around in fits of laughter too.
It later emerged that Nest was aware of these spoofs with a number of other security camera incidents also recorded, though none threatening a nuclear winter.
Nest platform is secure
Last year, an independent test of the Nest platform revealed it is actually quite secure.
It would appear reports of devices being hacked were the result of how the devices were configured and used in the smart home, especially in terms of setting the account password.
It appears those affected used passwords that had been compromised as the result of breaches on other websites and online services. Hackers got hold of these passwords and applied them to other services such as connected Nest security cameras.
There is a larger issue here:
Many people use the same password for multiple online services.
- The dangers of doing this are exacerbated further when the same passwords are used for Wi-Fi-enabled devices in the home.
- They provide a hacker with inside access to someone’s property.
Importance of two-factor authentication
- Password reuse is one of the most common mistakes people make and also one of the riskiest things you can do on the internet.
- You should have unique passwords for each account. Of course it’s difficult to remember them all but a good password manager will do the trick.
For owners of Nest smart devices the simplest thing to do is enable two-factor authentication.
So even if a password is breached in a hack a miscreant wouldn’t get very far with it.