Nest Cam Accessed Using Leaked Passwords Left Family Horrified

in 2factorauthentications •  6 years ago 


The dangers of low security on the Internet of Things (IoT) devices once again surfaced last week. A family have suffered sleepless nights after a hacker gained access to their Nest account and remotely controlled their home cameras and thermostats. The only tools the hacker needed was an opportunity to use already leaked passwords.

Arjun Sud, from Lake Barrington, Illinois, put his 7month old baby to sleep. Shortly after, he heard some noises coming from the camera in the nursery, followed by a male voice. He further reported to CBS Chicago that the hacker turned up the thermostat, also a Nest smart device, to 90 degrees Fahrenheit. The hacker continued to torment the family as they moved around their house through the 16 installed cameras. The couple disconnected their Nest devices and called the police.

The hacker managed to gain access to leaked passwords from another website.

Upon further investigation, Sud did not get any answers from Nest as to how long the account was compromised for. Nest also told him he had a responsibility to put stronger passwords in place to stop unauthorised access. What worried Sud was not knowing how long the hacker watched the family for. The only indication someone was there was when someone spoke through it and the blue light turned on.

Nest have not commented on these events, other than the conversation relayed by Sud.

Responsibility of Security


The same incident happened with Nest cameras the week before. In Carolina, a family received threats from their camera of an impending nuclear strike from North Korea. The family’s account was using a password used for other website accounts. The hacker used the leaked password from another website where the family used the same password. Nest alerted some users in 2017 about the two-factor authentication adapted in the products but this measure alone may not have been enough. It brings forward the question of who is responsible for the security of technical devices. As cybersecurity awareness becomes paramount, there is a shift and expectation that consumers will play a part in security. This is additional to the developers and company selling the product. Although this is realistic, companies must communicate this fact and make consumers aware of this responsibility.

Posted from my blog with SteemPress : https://latesthackingnews.com/2019/02/04/nest-cam-accessed-using-leaked-passwords-left-family-horrified/

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Congratulations @twr! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) :

You published more than 1300 posts. Your next target is to reach 1400 posts.

Click here to view your Board
If you no longer want to receive notifications, reply to this comment with the word STOP

To support your work, I also upvoted your post!

Support SteemitBoard's project! Vote for its witness and get one more award!