Hackers infiltrate Ring cameras in Florida and Tennessee and harass children
Hackers accessed Ring security cameras in Florida and Tennessee over the last few days and communicated with children, raising questions about the safety of the devices made by the Amazon subsidiary. © Provided by Geekwire The Ring Stickup camera. (GeekWire Photo / Nat Levy) Family says hackers accessed a Ring camera in their 8-year-old daughter’s room https://t.co/vsgavdnwZLpic.twitter.com/ElMqlsOCDr— WMC Action News 5 (@WMCActionNews5) December 11, 2019In Tennessee, a hacker broke into a Ring camera only four days after it was purchased on Black Friday.
Hackers took over Ring cameras in households around the country in recent weeks But smart home companies can do more to protect users from these types of attacks. Two - factor authentication is one way companies could secure smart-home tech for their customers even if they use bad passwords.
So, even if a hacker were to guess your password, they'd need either your phone or your email account in order to access your Ring account. Here's how to set up two - factor authentication for your Ring camera . 1. Open the Ring app, and open the menu on the upper left-hand side.
Hackers took over Ring cameras in households around the country in recent weeks, shouting at residents, blasting music and setting off the system's alarm. Hackers hadn't breached Ring's corporate systems, the company said. Instead, they logged in to individual cameras with passwords that owners had used on other accounts that'd been hacked.
None of that makes the stories even a little less creepy.
In Mississippi, a hacker , like in January, when hackers told a California family that a North Korean airstrike was imminent.and that she should wreck things in her bedroom. In Georgia, hackers yelled at a woman . And in Florida, hackers to a couple in their home until they pulled the batteries out of their Ring camera. Similar attacks have
Thousands of Ring owners had personal info exposed in data leak, report says
Ring says it hasn't suffered a data breach.In a statement Thursday, Ring said it hasn't had a data breach, adding that it's not uncommon for bad actors to harvest data from "other company's data breaches" and create lists of credentials that could be used in attempts to gain access to other services.
How to Set Up Two - Factor Authentication . Ring itself wasn't hacked , but Ring owners should consider activating two - factor authentication on their accounts to stay safe. If you own a Ring camera , watch out: Hackers have been hijacking the devices to spy on and harass families in the US.
Does two - factor authentication protect me from hackers ? How to set up two - factor authentication for iCloud - Продолжительность: 3:40 Macworld 54 815 просмотров.
"Unfortunately, when the same username and password is reused on multiple services, it's possible for bad actors to gain access to many accounts," a Ring spokeswoman said in a statement. "Consumers should always practice good password hygiene and we encourage Ring customers to change their passwords and enable two-factor authentication."
You don't need experts to tell you this is good advice. Robust passwords and two-factor authentication are the minimum for decent security these days. But smart home companies can do more to protect users from these types of attacks. One easy fix: Companies could require -- rather than simply recommend -- that consumers use two-factor authentication when they log in.
More than 3,000 Ring users' passwords and credit card info were leaked online, the latest in a series of security incidents affecting Ring accounts
The leak left Ring users vulnerable to hackers, but the company has maintained that the passwords were not stolen from its own networks. The exposed log-in information was reportedly discovered by a security researcher on an unprotected text storage website, who first posted about his discovery on Reddit.
Hackers have created dedicated software for breaking into Ring security cameras , according to posts on hacking forums reviewed by Motherboard. The parents told WMC5 that they hadn't set up two - factor authentication for the device; failing to do so would make it easier for someone to change
Two - factor authentication , sometimes shortened to 2FA, adds an extra layer of security to your account and all Squarespace sites on your account. When logging into your account, you’ll enter an authentication code as an additional step. Depending on your settings , the code you enter will be
Consumers can do better, and so can companies, said Troy Hunt, a cybersecurity expert who runs Have I Been Pwned, a service that tracks hacked login credentials and other data breaches.
"Reusing credentials is certainly a very risky practice," Hunt said. "Equally, corporate victims of credential stuffing need to be held more accountable for providing insufficient controls against what is a very well known attack these days."
Passwords aren't good enough
Telling consumers not to reuse passwords is unrealistic. First of all, many people have dozens or even hundreds of accounts, and only a robot could memorize unique, complex passwords for each of them. There are tools to make this easier, like password managers, but they can be challenging to use. That's a disincentive for many people to rely on them.
Two-factor authentication is one way companies could secure for their customers even if they use bad passwords. If 2FA were required, consumers would need a second form of identity, often a one-time code sent to a phone after a username and password are entered, or a physical token that's plugged in.
Justin Timberlake and Jessica Biel are 'focusing on family' after costar incident, plus more news
Justin Timberlake returns home to Jessica Biel with plans to focus on his family. Plus, more celebrity news for Dec. 19, 2019.
Two - factor authentication is currently offered to Apple users on iOS 9 or macOS X El Capitan or later. Look for Settings , then Privacy and Security. The menu item for Two - Factor Authentication is From the app’s main camera screen, tap your profile icon and find the gear icon to access your
Set up two - factor authentication , if available: Enable this security feature and you’ll get a onetime-use passcode via text, email, call or authentication app, that must be entered (along with username and password) to log into your account. This can foil a hacker who cracks your password.
Watching out for hacked passwords
The technique hackers used to access the Ring cameras is often called credential stuffing. Hackers take lists of stolen usernames and passwords and try them on a variety of different accounts. According to Vice, hackers have recently been creating software tools to automate this process specifically.
New services are cropping up to warn consumers when they're using a password that's been caught up in a data breach, and this could make a big difference in the smart home, too.
For example, log-in management company Okta created a browser that'll warn you when you're using a password that was compromised in a data breach. The company also created a tool that lets websites give users a similar warning when they go to log in.
The services draw from a massive database of stolen credentials created by the service Have I Been Pwned, where you can also check which data breaches you've been involved in.
Sharing is OK
Ring and its parent company, Amazon, are ahead of the curve in helping customers safely share access to accounts.
Instead of giving the impractical advice to never share your passwords with anyone, the companies offer features that let multiple people access one account with different passwords. Of course, this also means each user must avoid the temptation to reuse log-in credentials from another account, or even to just use the same password as the other users who access the account.
If you hadn't already guessed, that's a bad idea.
Ring confirms it fired four employees for watching customer videos .
Ring has responded to the US Senators demanding answers to the security issues it's facing in a letter, which was obtained by Motherboard. In it, the Amazon-owned company has admitted that it had to fire employees for watching customers' videos beyond what they were allowed to. Ring received the four complaints over the course of four years, and it opened an investigation for each one of them. While all the employees involved had the authority to view customer videos, Ring said they accessed or attempted to access data that "exceeded what was necessary for their job functions.