A top security expert said a website hacked into thousands of private security camera feeds to warn people to remain vigilant in their use of the devices.
Ngo Tuan Anh, deputy chair in charge of internet security at the BKAV IT company, made the announcement after website insecam.com began streaming live footage being recorded by 935 CCTV camera at homes and businesses across Vietnam.
The website said it sought "to demonstrate the importance of paying attention to one's security settings" and has also broadcast live feeds from hundreds of foreign CCTV camera owners who neglected to reset the default passwords on their cameras.
Most of those cameras came with the password “admin” or “12345”.
Many were put up in kindergartens, shops and factories throughout Vietnam.
Anh said BKAV is attempting to warn the owners of the hacked CCTV cameras by reaching out to them through their IP address.
“The company is expected to launch a support tool to spot cameras being spied on,” he said.
Anh said footage pirated from hacked CCTV cameras could pose a serious threat to personal and business information.
“The system can be hacked in such a way that security forces will end up watching fake feeds during break-ins,” he said.
Nguyen Hong Phuc, an independent security expert, said the attack was mounted by targeting IP address linked to cameras with default settings.
“People only have to change their username and password. For better safety, they should switch off the function that allows them to share their footage on a surveillance network,” he said.
Nguyen Duy Ngoc, chairman of Vietnam Information Security Association, said the fact that nearly 1,000 security cameras have been hacked offers another warning about internet security for local companies and organizations.
“Vietnam has become a hot spot in the field of information security in Southeast Asia and the Asia-Pacific region,” he said.
The incident occurred just a few days after police identified the professional hackers behind the biggest-ever cyber attack in Vietnam, last month.
The attack shut down many websites run by the Vietnam Communications Corporation (VCCorp).
On October 13, a number of websites run by VCCorp -- a Hanoi tech firm that owns and hosts online games, e-commerce services and news websites in Vietnam -- were shut down.
It wasn't until November 5 that VCCorp announced that all its websites had fully recovered.
Nguyen The Tan, VCCorp’s deputy general-director, said the group of hackers may have spent around US$500,000 on the attack.
The firm estimated that damages to the company totaled between VND20 billion and VND30 billion (roughly US$94,000-$140,000).
Tan said that the hackers may have surveyed the company for around six months before launching the professional malware attack on its data center.