Creepy incidents with Nest cameras prompt password warning

'As I approached the baby's room and stood outside, I was shocked to hear a deep manly voice talking to my 7-month-old son,' one victim said

Anthony Cuthbertson
Thursday 07 February 2019 11:44 EST
Comments
Nest owners have reported being taunted by strangers through their smart home device
Nest owners have reported being taunted by strangers through their smart home device (Nest)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Google has urged owners of Nest cameras to reset their passwords, following reports of hackers taking over the smart home devices.

In one incident last month, a family in Illinois had their home security system compromised by cyber criminals, who took control of connected Nest cameras to shout racial abuse through the device's speaker at a couple and their baby.

"As I approached the baby's room and stood outside, I was shocked to hear a deep manly voice talking to my 7-month-old son," the victim told local media. "My blood ran cold."

In a separate incident that same month, a Californian family received an emergency broadcast alert through their Nest surveillance camera that detailed three North Korean intercontinental ballistic missiles headed to the United States.

“It warned that the United States had retaliated against Pyongyang and that people in the affected areas had three hours to evacuate,” The Nest owner told The Mercury News.

“It sounded completely legit, and it was loud and got our attention right off the bat. … It was five minutes of sheer terror and another 30 minutes trying to figure out what was going on.”

Both incidents were the result of the Nest customers using compromised passwords that had been exposed through hacks on other websites, according to the Google-owned company.

In an email to customers this week, Nest Vice President Rishi Chandra blamed other security breaches for the issues, writing that people who used the same login credentials across multiple sites and services could fall victim to similar attacks.

To prevent further incidents, Mr Chandra gave security advice to customers on how to better protect the devices from cyber criminals.

"Even though Nest was not breached, customers may be vulnerable because their email addresses and passwords are freely available on the internet," he wrote.

"If a website is compromised, it’s possible for someone to gain access to user email addresses and passwords, and from there, gain access to any accounts that use the same login credentials."

The best way for a customer to avoid having the Nest camera hijacked is to use a strong and unique password, while also enabling two-factor authentication to add an additional layer of security, he wrote.

"While we continue to introduce additional security and safety features, we need your help in keeping your Nest account secure," he concluded.

"It's a great responsibility to be welcomed into your home, and we're committed to keeping you and your Nest devices safe."

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in