Gartner has predicted last year that by 2020 at least 25 billion devices will be connected to the web. On the other hand, networking products provider Cisco also predicted that annual global data center IP traffic will reach 10.4 Zetabytes by the end of 2019, up from 3.4 Zettabytes in 2014.
All those connected to big data world will be happy to learn the above said facts. Aren’t you?
But here comes the bitter part of this article and that is a search engine called “ Shodan” is allowing a scan for publicly accessible devices and capture their IP addresses. This allows the creation of a search index that includes everything from in-home security surveillance cameras to traffic lights to fetal heart monitors to power switches for hospitals.
Technically speaking, any of the so called Internet of Things that doesn’t have a password is up for grabs.
Shodan was developed by programmer John Matherly in 2009 when he was in is teens. The idea of developing this website was to help large tech companies see who was using their devices.
But now, the site is being mostly used by hackers and some researchers. Until recently, Shodan was used almost exclusively within the cyber security community, because searches require a general understanding of technical language. But a new feature has made it easier for anyone to peek people’s home surveillance devices. The new channel includes screen grabs of security camera feeds along with their location.
As Ars Technica reports, these webcams show feeds from sensitive locations like schools, banks, marijuana plantations, labs and babies’ rooms.
Shodan members who pay the $49 monthly fee can search the full feed at images.shodan.io. A Vocative search of some of the most recently added images shows offices, school, porches and the interior of people’s homes like people sleeping in bedrooms and having some intimate time.
Accompanying each of these grabs is a pinned map that shows the location of the device capturing that footage. The site also offers free memberships that allow anyone to search through thousands of webcams.
Most of these devices require a password to view the feed (Shodan users have written a few articles about the most-used passwords so that others can easily hack feeds), but unfortunately many people don’t set up password authentication on their devices.
Such cameras are easily accessed through Shodan, and many of them can even be controlled by Shodan users. So, burglars can take the help of the search engine as a reference point to start their day. And many devices can pave way for Ransomware.
What’s the solution then?
Nothing, but to reset the default passwords and use a combination of alpha-numeric special characters in the new password.
What if the concern is more?
Just stop connecting your devices to internet services and if possible use it in a private network.