Google warns Nest camera owners to reset their passwords after hackers take over numerous devices

0
144
Google, which owns Nest, sent an email to owners of its security devices telling them to reset their passwords and enable stronger account authentication settings in light of recent events


Google is telling Nest camera owners that it’s not to blame for a recent string of creepy security incidents. 

The search giant, which owns Nest, sent an email to owners of its security devices telling them to reset their passwords and enable stronger account authentication settings in light of an uptick in hacked cameras. 

Last month, users began reporting a number of bizarre cases, where hackers appeared to take over their Nest security cameras to hurl insults at them, spy on their sleeping baby and even tell Amazon’s Alexa to play ‘Despacito’ by Justin Bieber.

Scroll down for video

Google, which owns Nest, sent an email to owners of its security devices telling them to reset their passwords and enable stronger account authentication settings in light of recent events

Google, which owns Nest, sent an email to owners of its security devices telling them to reset their passwords and enable stronger account authentication settings in light of recent events

HOW TO KEEP YOUR NEST CAMERA FROM GETTING HACKED

Nest told users that the company notifies users if they detect their email was part of another website breach. 

When this happens, the firm will proactively disable their Nest account as a security measure. 

Other steps users can take:  

  • Enable two-factor authentication – They’ll be sent a protected code every time they sign in. 
  • Choose stronger passwords – A more secure password includes eight characters or more, as well as a combination of upper and lowercase letters, symbols and numbers.  
  • Set up a Family Account – Instead of sharing your password, share access to your home devices with a user. 
  • Be aware of phishing emails that can make your account vulnerable. 
  • Protect your home network – Make sure your router is up to date and only share login info with select users. 

In the email, Nest vice president Rishi Chandra explained that the recent camera ‘hacks’ weren’t actually due to a breach in the company’s own security system. 

Rather, it was a result of camera owners using weak passwords and not taking advantage of the advanced security measures offered to them on their devices. 

‘In recent weeks, we’ve heard from people experiencing issues with their Nest devices,’ Chandra said in the email. 

‘We’re reaching out to assure you that Nest security has not been breached or compromised. 

‘…For context, even though Nest was not breached, customers may be vulnerable because their email addresses and passwords are freely available on the internet,’ he continued.  

Chandra said it’s possible that another website where users have an account was compromised. 

When this happens, hackers will try to use a person’s credentials, such as an email address and password combination, to login to their other accounts. 

‘For example, if you use your Nest password for a shopping site account and the site is breached, your login information could end up in the wrong hands,’ Chandra noted. 

‘From there, people with access to your credentials can cause the kind of issues we’ve seen recently.’ 

So, Chandra believes Nest owners may be recycling their login credentials across a number of different services, which hackers took notice of and used to manipulate their security camera. 

It comes after a Nest camera owner discovered last month his smart baby monitor had been taken over by a hacker who was talking to his seven-month-old baby.  

‘Right as I approached the baby’s room, I heard a deep voice talking to him,’ Illinois homeowner Arjun Sud said.

‘I couldn’t believe that these devices that I had put up in my home to watch over it, my family, were now being used against me to harass us.

‘The moment I realized what was happening, panic and confusion set in, and my blood truthfully ran cold,’ he added. 

The hacker also took over Sud’s smart thermostat and remotely raised the temperature to 90 degrees, which he feared could have killed his son. 

In another case, a hacker infiltrated a user’s Nest security camera and issued a fake nuclear bomb threat, while a separate user said they were tormented with racial slurs and insults through their Nest camera. 

Nest VP Rishi Chandra said the recent camera 'hacks' weren't actually due to a breach in the firm's own security system. Rather, it was a result of camera owners using weak passwords

Nest VP Rishi Chandra said the recent camera 'hacks' weren't actually due to a breach in the firm's own security system. Rather, it was a result of camera owners using weak passwords

Nest VP Rishi Chandra said the recent camera ‘hacks’ weren’t actually due to a breach in the firm’s own security system. Rather, it was a result of camera owners using weak passwords

Earlier this week, in a slightly humorous but altogether terrifying incident, a Texas couple discovered a hacker had used their Nest camera to tell their Amazon Alexa device to play Despacito by Justin Bieber. 

There’s little Google can do since the hacks are coming from users with lax security practices.

However, as Chandra noted in the email, Nest will continue to notify users if they detect their email was part of another website breach and proactively shut down their account as a security measure. 

The company added that it’s up to the user to make sure their account is using a safe password, in addition to using other security features.

Still, some security experts criticized Google for not making it abundantly clear to users how they could utilize stronger security measures on their account. 

‘The reality is that weak passwords provide an easy route for hackers into smart home devices but that certainly isn’t the only issue to be addressed in this rapidly expanding market,’ said Matt Bing, a senior security analyst at enterprise hardware and software company NetScout. 

‘…There really is little point in blaming the consumer – without the necessary guidance from manufacturers, regular and automated security updates or fundamentally more secure devices, the smart home will continue to be a fertile ground for nefarious activity.’

HOW HAS NEST BEEN HACKED BEFORE? 

Nest Cam security cameras are connected to cell phones and provide 24/7 live streaming as well as a built-in speaker and mic so you can hear what’s happening at home and talk to family, children, or intruders.

Earlier this month a family in LA told of theri panic when hackers took over their Nest home security camera to give them a fake warning that three North Korean missiles were about to hit America.

In December 2018 a Phoenix man thought he was getting robbed when he first heard an unfamiliar voice inside his home. 

But this hacker assured Andy Gregg that he had no ‘malicious’ intentions by accessing his Nest. He was actually a ‘white hat hacker’, a computer security specialist who hacks into protected systems and networks to assess their security.

In the same month a Houston couple said an unknown man hacked into their wireless baby monitor on Monday and threatened to kidnap their four-month-old son  

And in November a New York mother said she is now living in fear after finding out her family’s Nest home monitoring system was recently hacked by a stranger. 



Source link