google-site-verification: googlee9447d3b266da5de.html

NCSC (National Cyber Security Centre) - Weekly Threat Report @ncsc #cybersecurity

Weekly Threat Report - 6th March 2020

Consumers urged to secure internet connected cameras

This week, with support from Which?, we published new consumer advice and guidance on how to secure internet connected cameras in the home.

We’re all becoming more reliant on ‘smart’ technology, and things like connected security cameras and baby monitors help make our lives easier. However, insecure default settings can leave devices vulnerable to cyber criminals.

In rare cases, live feeds or images from smart cameras can be accessed by unauthorised users and that’s why we outlined three steps people can take to make their devices safer:

  • If your camera comes with a default password, change it to a secure one – connecting three random words which you’ll remember is a good way to do this. You can usually change your password using the app you use to manage the device.

  • Keep your camera secure by regularly updating security software. Not only does this keep your devices secure, but often adds new features and other improvements.

  • If you do not use the feature that lets you remotely access the camera from the internet, it is recommended you disable it.

The NCSC is supporting the Department for Digital, Culture, Media & Sport (DCMS) in the development of future UK legislation, which will ensure consumer smart devices sold in the UK adhere to three rigorous security requirements. These are:

  1. Device passwords must be unique and not resettable to any universal factory setting

  2. Manufacturers must provide a public point of contact so anyone can report a vulnerability

  3. Manufacturers & retailers must state the minimum length of time for which the device will receive security updates

Tesco and Boots issue security warnings to customers

Tesco Clubcard and Boots Advantage Card holders have been warned of potential security risks. Earlier this week, Tesco confirmed new Clubcards would be issued to 600,000 members following unauthorised attempts to access customer accounts. It’s understood criminals had used a database of stolen usernames and passwords, wit