- Default passwords and obsolete firmware transform your domestic camera into a public livestream, warns the report
- Thousands of exposed webcams offer a first row head office in privacy and corporate
- A simple web browser is everything you need to take a look at 40,000 unmarried cameras flows
Thousands of webcams connected to the Internet, intended to improve safety and convenience, now involuntarily offer a window on privacy and secure environments.
Bitsight search says that more than 40,000 webcams around the world are accessible to online public, often without knowledge of their owners.
These include security cameras, babies monitors, office surveillance systems and even devices inside hospitals and factories.
A growing digital threat, not hypothetical
The survey underlines how easily these cameras are accessible.
“No passwords. No protection. Just there,” wrote João Cruz, a main safety researcher at Bitsight Trace, noting that he does not require elite hacking skills or expensive software. In many cases, just a web browser and a valid IP address.
“We first raised the alarm in 2023, and on the basis of this last study, the situation has not improved.”
Exposed images range from innocent scenes, such as bird feeders, to much more sensitive views, such as home entry points, live food of salons, white tables in office spaces and even operations inside the data centers.
Torrely, disturbing conversations have emerged on the Dark web forums, where some users share methods to locate on exposed cameras, or even sell access to live flows.
“It is not hypothetical: it happens right now,” said Cruz.
The United States leads with around 14,000 on display, followed by Japan, Austria, Cheche and South Korea. They are not isolated incidents but part of a wider failure in the way the cameras connected to the Internet are deployed and managed.
The Bitsight team has scanned for HTTP and RTSP cameras, and the results suggest that these figures can only scratch the surface.
Many apparatus on display result from basic configuration errors: default identification information, open Internet access and obsolete firmware that leaves vulnerable systems.
While suppliers and manufacturers must improve the safety of devices, users also share responsibility.
The choice of products verified for cybersecurity can help, but users must also associate their camera configurations with tools such as leading antivirus software and the best rated parental control solutions, which often include network monitoring to report unusual access or unprotected devices.
In the end, private users must always check the remote accessibility settings, modify the default passwords, regularly update the firmware and, in particular for companies, apply firewall protections and require VPN access.
