Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

IoT Security

FBI: Home Surveillance Devices Hacked to Record Swatting Attacks

A warning issued this week by the FBI warns owners of smart home devices with voice and video capabilities that these types of systems have been targeted by individuals who launch so-called “swatting” attacks.

A warning issued this week by the FBI warns owners of smart home devices with voice and video capabilities that these types of systems have been targeted by individuals who launch so-called “swatting” attacks.

Swatting is a hoax where someone tricks emergency services into deploying armed law enforcement to a targeted individual’s location by claiming there is a life-threatening situation. These types of pranks are not uncommon, but they can result in lengthy jail sentences for the pranksters.

The FBI warned in an alert issued on Tuesday that swatters have been hijacking home surveillance and other types of devices with audio and video capabilities to watch their victims while they are being swatted. In some cases, the prankster also live-streams the video and engages the law enforcement responders.

“Smart home device manufacturers recently notified law enforcement that offenders have been using stolen e-mail passwords to access smart devices with cameras and voice capabilities and carry out swatting attacks,” the FBI said.

The agency has been working with the manufacturers of the targeted devices to warn customers about the threat and provide them with recommendations on how to avoid having their devices hacked.

“The FBI is also working to alert law enforcement first responders to this threat so they may respond accordingly,” the agency noted.

The FBI has advised users to enable two-factor authentication (2FA) for internet-accessible devices. However, given that the attackers rely on stolen email credentials to hijack surveillance devices, the FBI advises against using a secondary email account for the second factor, and instead recommends the use of a mobile device number. Cybersecurity professionals and even NIST have long urged users to stop relying on SMS-based 2FA.

Related: CISA, FBI Alert Warns of Vishing Campaign

Advertisement. Scroll to continue reading.

Related: FBI Warns of DoppelPaymer Ransomware Targeting Critical Infrastructure

Related: FBI Warns of Spoofed FBI-Related Domains

Related: FBI Warns of Auto-Forwarding Email Rules Abused for BEC Scams

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Cloud security giant Wiz has named Fazal Merchant as President and Chief Financial Officer.

Cybersecurity and data protection company Acronis has appointed Gerald Beuchelt as CISO.

Adam Zoller has joined CrowdStrike as Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.