Is Russia really watching you through your device?

By Dr Christopher Richardson, Head of Bournemouth University Cyber Security Unit

Today’s news of the unauthorised broadcast of thousands of IP cameras and webcams worldwide by a Russian website highlights the need to ensure that the manufacturer default login details are changed immediately after installation.

Many internet facing devices such as webcams and baby monitoring devices are supplied with simple usernames and password combinations such as “admin and password” to aid an easy installation and setup. The downside is that easy installation can also mean easy breach, and today’s news demonstrates just how many users leave their devices unsecured and wide open by using default usernames and passwords on a permanent basis.

I cannot emphasise enough the need to create strong usernames and passwords for any internet facing device. Always use a combination of uppercase and lower case letters with as many numbers and special symbols as possible. The stronger and longer the password is, the less likely it is to be compromised in the way being demonstrated by the Russian website.

There are also additional techniques that can be deployed such as port forwarding and changing the default port number that the device uses to communicate with the internet on. Many home broadband routers support these additional features but the majority of users do not use them or are unaware of their existence and the additional layers of security that can be provided by utilising them.