Mr Kelvin Lew, a cyber security consultant, said: “There are still millions of users who are not aware that their personal computers, devices and home equipment have become a tool for the hackers to do their illegal activities.”
He urged IoT manufacturers to consider the security aspect in the design of their products.
So how can you prevent your webcams from being accessed?
Said Prof Wong: “Change your passwords!”
“Once a device is connected to the Internet, everybody can access it if you don’t set up the fence properly.”
Related: 10 tips for safe web-surfing
Viewing stream is OK, uploading is not
It is not illegal to view the feeds that are on Insecam.
“Just viewing the feed does not constitute an infringement,” said lawyer Gloria James-Civetta, managing partner of law firm Gloria James-Civetta & Co.
“It would be akin to watching an episode of a TV show that has been illegally uploaded on YouTube.”
Mr George Hwang from George Hwang LL.C likens looking at the stream to someone looking through the open window of a Housing Board flat as they walk past on the corridor.
“There is no problem if you were just looking through that window,” he said.
The infringement occurs if you put the stream online.
Said Ms James: “If a third party puts up a stream on the Internet, then that can constitute an infringement.
“There was no consent to taking someone else’s data and letting the world see it.”
‘Poor security makes them soft targets’
Your password issues do not affect just you.
StarHub’s broadband network was disrupted twice last week, on Oct 22 and Oct 24.
StarHub said the distributed denial of service (DDoS) attack happened with the help of its customers’ machines.
The attacks came just after a massive DDoS attacks on a US-based Domain Name System (DNS) service provider, Dyn, on Oct 21.
The attack on Dyn took down services like Twitter and Spotify.
Experts said that these attacks made use of web-connected or Internet of Things (IoT) devices.
Hackers used a malware called Mirai to infect countless of devices connected the Internet.
Those devices then became zombie machines that overwhelmed Dyn’s servers with more traffic than it could handle.
Experts do not rule out that the DDoS attacks that affected StarHub resulted from devices infected with Mirai.
In an e-mail reply to The New Paper, Mr Nick Savvides, security advocate at Symantec, said that these attacks are rooted in the poor security of many of these devices that are connected to the Internet.
“Poor security on many IoT devices makes them soft targets and attackers often pre-program their malware with commonly used and default passwords,” he said.
“Processing power limitations and basic operating systems mean many IoT devices don’t have advanced security features.”
He urged consumers to buy devices from reputable manufacturers.
“Check if they have a history of releasing updates and if they have clear security and privacy policies,” he said.
A version of this article first appeared in The New Paper