- A family in California experienced a broadcast warning coming from their Nest security camera.
- The surveillance system was compromised by a stolen password which was exposed online.
A family in Orinda, California experienced a broadcast warning coming from their Nest security camera. Attackers managed to hack their Nest surveillance system and broadcast a warning of an incoming nuclear missile attack from North Korea.
The family experienced a loud-alarm before the start for the broadcast warning. The sound was followed by an alert which claimed that three intercontinental ballistic missiles targeting Los Angeles, Chicago, and Ohi had been launched from North Korea.
The family panicked and eventually checked news channels for the coverage of the aforementioned attack, but found nothing. The family also called the Nest customer service to investigate the warning. Later, they realized that a third-party hack allowed the attackers to hack their security camera.
A spokesperson for Nest confirmed that Nest was not breached. “These recent reports are based on customers using compromised passwords (exposed through breaches on other websites). In nearly all cases, two-factor verification eliminates this type of security risk,” the spokesperson said, CNET reported.
The spokesperson further said that Nest is working on features that will reject compromised passwords, allow customers to monitor access to their accounts, and track third-party entities that abuse passwords.
Security experts say that companies should educate their customers on how to securely use devices in order to prevent attackers from using stolen credentials to log into security cameras and connected devices.
“Consumers can choose to use a stronger password and enable extra security features like two-factor authentication, but they aren't required to do so. Device makers should flip that around,” Betsy Cooper, founding director of the Aspen Policy Hub said.