We’ve all seen hackers in movies that seem to have an insurmountable amount of power. With just a few taps of the keyboard, they can blow up hardware, steal information, and even talk to whomever they’re hacking. One man had his life turn into a movie when he heard his Nest camera talking, only to discover a hacker had gained access to it! Fortunately, unlike the movies, this hacker was a benevolent one who wanted to help instead of harm. So, what happened, and how did this occur in the first place?
How It Happened
This is the very real story of Andy Gregg, an estate agent. He had a Nest set up in his home that allowed him to use cameras to keep track of people snooping around his house. One day he heard one of the cameras around his home talk to him. It was a very real, human voice of someone claiming to be a security researcher from Canada. They then went on to explain that they had managed to gain access to Andy’s camera.
The hacker was quick to mention that he was a “whitehat” hacker, someone who cracks security in order to warn the owners about the flaws. His intent was to inform Andy of the issue before any “blackhat” hackers – the more malicious kind of security cracker – could get in and do serious damage.
Andy asked the hacker if he could see the inside of his home. The hacker confirmed his could, and went on to say with a little bit of research, a blackhat hacker could gain information about where the house was. Once they had that information, they could use the camera feed to see when Andy had left the house and break into it. What was originally set up to deter burglars could be used to help them!
The hacker made a good point in his dialogue; Andy had not set up two-factor authentication for his Nest devices. Andy also used a username and password that had previously been leaked onto the Internet. Due to these two weaknesses, the whitehat hacker could log in without any difficulty. The hacker instructed Andy to set up two-factor authentication for his Nest login so that future hackers could not enter his system so easily.
A Stark Reminder
This piece of news is a reality check on just how damaging the Internet of Things can be when not handled correctly. While most of our gadgets are “dumb,” there’s no entry point for hackers to gain access to it. As more and more of our daily tools enter the Internet of Things, it creates more weakspots in our homes that allow hackers to enter. Once they’re in, they can use the data they find against you; either by stealing your info or analyzing your home to ensure the perfect break-in.
Always tighten your smart home’s security by using a different password from your online services. If you’re unsure if your password has been leaked, you can check on sites such as Have I Been Pwned? Even if your password is still safe, mix it up in case a leak does happen in the future. Enable two-factor authentication whenever you can, as it’s a valuable tool to defeat hackers.
Speaking of Security
With the recent whitehat hacking on a Nest camera, it’s a nasty reminder of how easy it can be for a hacker to gain access to our home’s gadgets. Always make sure your security is tight by using a different password for your smart home setup and enabling two-factor authentication when you can.
Does this news story make you more paranoid about the security of your smart home? Let us know in the comments.