3rd Parties Viewing People's Private Images Via Iot Cameras

3rd parties viewing people's private images via IoT cameras

The Yomiuri ShimbunMakers of network cameras, or cameras that connect to the internet, have started taking countermeasures to prevent captured images from being viewed online by anyone due to erroneous settings and other reasons.

One website displays images from around the world taken from such cameras, including in Japan.

Until October, a projection show at the Synra Dome theater at the Science Museum in Chiyoda Ward, Tokyo, was viewable online by anyone via a camera at the museum.

After receiving a notice from The Yomiuri Shimbun, the museum took measures such as changing the password to a more complex one and not having the camera connected to the internet around the clock.

The museum is operated by the Japan Science Foundation — a public interest incorporated foundation.

Synra Dome holds video programs that feature astronomical images — in a twice a month show — taken by a U.S. observatory that are sent via the internet. The camera was installed in late July to send images from inside the theater to the United States.

The museum insists it properly set a password when it installed the camera. But an unidentified person viewed images it captured through an unidentified method — without entering a password.

"We would like to take thorough care to manage the system and prevent similar incidents from occurring," a museum official said.

Network cameras are spreading. Users are able to view images on smartphones and personal computers via the internet of things (IoT) network, which connects everyday items to the internet.

However, if a user does not change the password that was set before a camera was shipped from the factory, it is possible for third parties to see the images captured by that camera, if they successfully identify information such as the product’s unique IP (internet protocol) address.

The problem has been pointed out by experts for several years, but images from about 1,500 cameras in Japan are still available to view on a foreign website. They include images that are believed to have been taken in homes and medical institutions.

Domestic manufacturers are warning people in the instruction manuals of their items and on their websites. Last year, Panasonic Corp. and Canon Inc. introduced systems under which no passwords are allocated for products at the time of shipping. The products are unusable unless users set their own passwords.

However, there are still many products, including foreign ones, with lax countermeasures.

"It seems simply relying on user IDs and passwords is reaching its limit in terms of protecting information," said Ritsumeikan University Prof. Tetsutaro Uehara, who specializes in information security.