The arrest last month of an alleged British pedophile in Benidorm has revealed the ease of accessing images through domestic cameras. The arrested man had databases with models of home security cameras and hundreds of thousands of serial numbers on his floor. According to the police, he had collected more than 1,000 videos from 70 families around the world. All were with sexual content, with naked minors. “Which brings us to a clear conclusion: if he had that, he had actually accessed much more and then he had selected them,” says Israel Díaz, inspector of the First Group for the Protection of Minors of the Police, which took the case.
It was not the first time that he had been arrested for similar acts. The first was still minor. According to Díaz, the detainee “has a higher technological profile than usual.” “Criminals in this world tend to mask themselves well, but this was also offensive, capable of reaching new homes and people to find new images,” he adds. However, even in private settings, the unsettling reality is that many of these cameras are easy to access. So is protecting yourself by taking elementary security measures.
Many of these cameras are like a rudimentary computer open to the internet. Just as a traveling mother can see on her mobile how her child sleeps at home, without proper installation, anyone can access these images. A deep technical knowledge is not necessary, although a lot of free time is necessary, according to Martín Vigo, founder of the cybersecurity consultancy Triskel Security. “I don’t think there is hacked the cameras, but you will know the three or four most common camera models that have a default name and password, you will know which page and what to look for exactly, and you will have been testing those passwords. Although sometimes they are even open ”, he explains.
It is like having several master keys, which are on internet forums, to be tested on thousands of doors. Owners who have not changed the standard lock leave the door accessible to whoever has the key. All the intruder has to do is check the model and serial number and see if your key works. Once inside, you just have to see if that camera or set of cameras offers something interesting. If not, go for the next one.
It is such a simple process that several web pages offer automated content. EL PAÍS has visited a couple of these pages, which offer open images of hundreds, thousands of public and private cameras. They are divided by country or city, models and brands. This newspaper does not reveal the names of the most visited pages so as not to facilitate their promotion, but they are not a secret from anyone, nor are they hidden. In searches of a few minutes, EL PAÍS has seen dark corridors, garages, supermarkets and industrial warehouses with their active workers, private porches and terraces with swimming pools, ladies typing on the computer and sleeping in their beds or waiters serving bars.
How to prevent a pedophile from having access to the most intimate parts of our lives? The simplest method is not to put cameras in places like bathrooms or bedrooms, says the police officer and forensic analyst at the Central Cybercrime Unit Manuel Guerra. “If you must have a camera in the bedroom or bathroom, which is only accessible on the local network, when I’m connected to the Wi-Fi at home,” he says. That is, it can only be accessed from inside the house. From there, with the cameras not connected to the local network but to the internet, that is when the risk multiplies. And the resources to ensure privacy are more complex.
The minimum security requirements for home cameras, therefore, would be to change the credentials (name and password), make the camera accessible only locally and, if you want to access from outside the home, that it be done through a VPN, which it is a virtual tunnel that connects a device with a home network, like the one used by companies to allow remote work. You should also change the password of the router so that it is not easy to access the local network. And even so, perfect security would not be achieved, according to Vigo, because there are circumstances that the user cannot control. “In the case of cloud services, it is an outside company that stores the images, which is an ideal target for criminals, because data from thousands of cameras are stored,” he explains.
And that’s not all yet. If the cameras are connected only to the local network, there are also ways to sneak in. But it is much more difficult: the technical knowledge that the attacker must have is greater. It is not impossible, however. In addition to tutorials to access domestic cameras, the Police found programs on the pedophile’s computer to enter other computers without permission and capture their passwords or files.
The Police and the Ministry of the Interior – whose strategic objective is the prevention and dissemination of a cybersecurity culture – are aware of this disturbing panorama and are ready to help. The Ávila Police Academy and the University of Salamanca are preparing for September some free training modules open to the public for users with a basic level in the second edition of the Ciberwall Academy, where Manuel Guerra collaborates. One of the first modules will be on how to secure the personal and professional environment. “You need involvement and co-responsibility because you cannot put a policeman on each device. The user must know what he has in hand and it can be achieved if in return you give him training, which is our strength ”, says Casimiro Nevado, Police Inspector and coordinator of the appointment.
Beyond the home cameras
Obtaining such a large number of unpublished images using home cameras is not common. Although it was not the first time that the Police saw images from these cameras in an alleged crime of pedophilia. But the detainee had an even more refined digital skill: he was able to edit images of clothed children and undress them. “He produced his own child pornography with image editing programs. Sometimes these edits are crude but in this case they seemed real. Their goal was to have new child pornography, ”explains Díaz.
Those “retouched” nudes can be done with programs like Photoshop, but there is software accessible in online repositories that allows you to automate this process with artificial intelligence. The company specialized in deepfakes Sensity investigated a few months ago a bot on Telegram that “stripped” photos of girls. A user sent a photo and the program returned it without clothes, with a body created from a database of thousands of nudes. “In our investigation of the Telegram bot we were able to recover the files used to generate the bot images,” says Giorgio Patrini, founder of Sensity. “We found more than 100,000 images, almost all of them women, although a small fraction showed ‘undressed’ body parts of minors. Unfortunately the application of nudes deepfake with minors is not hypothetical and it is absolutely possible that incidents are occurring ”, he adds.
The third method used by the pedophile to obtain new images was online harassment: contacting victims through social networks or offering English classes. “It must be taken into account that this investigation is carried out during confinement,” says Inspector Díaz, “with which his activity on the Internet increased.” But it doesn’t seem like it completely limited their actual activity. “When the confinement ended, we began to follow him. We have identified a minor who she taught: she puts in a mobile phone to see the girl’s underwear. It is a life dedicated to obtaining images of minors ”, he adds.
Despite this jump to real life, the criminal life of this pedophile was spent almost permanently in front of the two large computer screens that he had at home. He received orders to harass or find images of specific victims from adults who knew these minors. For these types of photos he charged $ 80, according to the Police, who have found 11 victims of harassment around the world. Being a native Englishman, one of his alibis was teaching.
The pedophile used the Tor browser to contact and sell material on the call dark web (dark web). “Tor are the most dedicated pedophiles. We are talking about people very interested in having the latest, the most abject. Those are the ones who pay, ”says Díaz. This is where he was first detected and where the police were able to trace him despite his precautions and name changes. One of their precautions was not to keep any of their passwords or emails on the computer, which the police found on little pieces of paper or sometimes notebooks distributed around the house. In this way, he was saved from remote hacking, but if they entered his house, everything was in sight.
On the forums he bragged about his skills and that the police would never catch him again. He bragged that legal material had been returned to him when he left. The operation was named Belial, a demon of Hebrew origin linked to arrogance, in his honor. Díaz does not believe that he managed to live alone from this work. He was also a waiter and the police believe that the illegal image trade did not give him enough income to live. In his Bitcoin wallet he had a few thousand euros.