A consumer watchdog has warned that more than 100,000 cameras produced by Chinese firm HiChip are found to have various security flaws. This may give a fall sense of security to families while hackers openly access their network.
HiSense told Which?, a consumer group investigating wireless camera flaws, that their devices encrypt all data between the camera and the app, so they have a "very low-security risk."
According to Daily Mail, the group said any camera that comes with the app CamHi is allegedly prone to hacking, so owners are urged to disable them completely. Researchers also named brands that are highly susceptible to hackers.
Your wireless camera security system may be vulnerable
Among the wireless cameras in the UK tested by researchers, five of them showed to have a security flaw, which allows hackers to access them even after changing the password. These brands include Accfly, SV3C, Genbolt, ieGeek, and Elite Security.
For more than a decade, the Chinese company HiChip has focused on IP camera research and development.
"We encrypt all the commands and data with AES128 between the camera and the APP, above the P2P transferring layer. So our cameras have (a) very low-security risk about the end user's privacy," said the company.
Security flaws give a false sense of security
A security expert commissioned by the consumer group tested five security cameras: Accfly, Elite Security, ieGeek, Genbolt, and SV3C. These can be purchased online. The group discovered that they are all affected by the flaw.
Which? also warned that 32 out of 47 camera brands sold worldwide may be exposed to hacking, so those who have been using them should immediately uninstall them. These include Besdersec, Alptop, COOAU, Ctronics, Dericam, CPVAN, Jennov, LEFTEK, Luowice, Tenvis, and QZT.
While researchers found the various security flaws on the software, Which? said the company has committed to working with experts to improve their safety, although it is not clear whether the proposed updates will fix these flaws.
The flaw points to the device's Unique Identification numbers (UID), which is usually found on a sticker on the camera itself. It is easily discovered and targeted by perpetrators.
Meanwhile, Which? stressed that the primary flaw of these security cameras is putting the consumers at higher risk. This could be exploited by someone to track the user's residence, target other devices, and even access the live footage. There have been previous reports of hackers who speak via the camera's microphone.
"People may believe they are picking up a bargain wireless camera that can bring a sense of security - when in fact they could be unwittingly inviting hackers into their home or workplace," Which? computing editor Kate Bevan said. "Anyone who has one of these cameras in their home should turn it off and stop using it immediately.... cheap isn't always cheerful."
The spokesperson also urged the government to enact legislation requiring certain security standards for wireless devices "and ensure this is backed by strong enforcement."
How to secure wireless cameras
Change the default password. Many wireless cameras have weak default passwords like "admin." Use a strong password such as three random words or mix letters with characters and numbers.
Always update the camera. This keeps the devices secure, as well as allows new features and improvements to be added.
Reboot the camera or unplug it. Cameras are supposed to make people feel safe from hackers peeking into their daily lives. If there is any doubl, deactivate the camera.
Deactivate remote access. Disable the remote access feature when not in use.