Never let the truth get in the way of a good headline, they say. (And I should know — I've been writing headlines for 20 years.)
But if the following headline from the San Jose Mercury News sounds just a little too sensational, you're right. It is.
"5 minutes of sheer terror": Hackers infiltrate East Bay family's Nest surveillance camera, send warning of incoming North Korea missile attack"
That's a mouthful. And it's also incorrect.
https://twitter.com/mdrndad/status/1087861524738334721ORINDA — Laura Lyons was preparing food in her kitchen Sunday when the lazy afternoon took a turn for the absurd. A loud squawking — similar to the beginning of an emergency broadcast alert — blasted from the living room, the Orinda mother said, followed by a detailed warning of three North Korean intercontinental ballistic missiles headed to Los Angeles, Chicago and Ohio.
"It warned that the United States had retaliated against Pyongyang and that people in the affected areas had three hours to evacuate," Lyons said Monday. "It sounded completely legit, and it was loud and got our attention right off the bat. … It was five minutes of sheer terror and another 30 minutes trying to figure out what was going on."
The story, as you might have surmised by now, involves some Nest cameras and someone who shouldn't have gaining access to them. But the first question you need to ask (and presumably a reporter needs to ask) is how did someone gain access to the hardware.
In this case, the camera owner's account was compromised. If I have your email and password and can log into your Nest account, I can say whatever I want through your Nest devices' speakers. That's how they work.
Sure, folks probably were terrorized for 5 minutes. But nobody infiltrated anything. They came in through the front door.
How to set up two-factor authentication in your Nest app
We cannot (and should not) blame the victim here. This is a pretty awful attack, even if it ultimately didn't do any physical damage. (Though who knows how long the lurkers were lurking and what they might have seen and heard through the cameras.)
But it's once again another example of why password hygiene is so important. Unique passwords must be used. Password managers should be employed. Two-factor authentication must be used whenever it's available. (Nest has 2FA at the account level, but it only uses SMS tokens, which aren't as secure as folks would like to think. It's also optional and not on by default.)
The internet (and the next-generation Internet of Things) was not built with security in mind. It's up to us to protect ourselves.
Check out everything announced during the August 6 State of Play
From Bugsnax to Godfall, there was a variety of titles in the latest Sony showcase. Here's everything that was announced during PlayStation's August 6 State of Play.
Samsung Galaxy phones will now get three years of OS updates
Samsung will start giving its Galaxy phones the same update treatment that Google gives its Pixels.
Control crosses over with Alan Wake with AWE on August 27
Control's AWE expansion is coming soon. During today's State of Play, Remedy Entertainment revealed that the AWE expansion is set to release on August 27.
Snag one of these mounts and put your Nest WiFi anywhere in your home
You'll likely want to end up mounting your Nest WiFi at some point in time, as it will provide an easy way to hide those pesky cables. These are the best mounts that you can get for the Nest WiFi today!
