The UK might be slipping down the global economic chart, but there is one thing that we excel in: surveillance. It’s hard to be precise about the exact number of CCTV cameras in the UK. The vast majority of them are privately owned and don’t have to be registered. But a recent survey estimated that there is one camera for every 11 people in the UK. It’s one for every ten of us in London, where you can expect to be caught on camera at least 70 times a day. No surprise, then, that our capital is one of the most watched places on earth, up there with cities in China, a country that accounts for more than half the billion security cameras in the world.
It’s one reason why my new thriller, No Place To Hide, opens in south-east London. The main character, a successful consultant paediatrician called Adam, has everything going for him: a beautiful GP wife, two lovely kids, high-flying career. But he’s convinced that he’s being watched – by the security camera at the end of his street in Greenwich, people’s mobile phones in the park, the cameras at Lewisham Hospital, where he works. I wanted to create an intense atmosphere of paranoia, an overwhelming sense of being watched, and it wasn’t hard to do that in modern Britain. It’s only when you start to look around that you realise quite how many cameras there are around us: traffic cameras, dashcams, front door security cameras.
But I wanted to ramp the tension up another notch and that’s when I discovered SHODAN (which stands for Sentient Hyper-Optimised Data Access Network). I’m not a computer geek, but I do try to be accurate if I’m going to feature a piece of cunning software in my novels. Maybe it’s a legacy of having been a journalist for years before I became a fulltime writer, but I think it’s essential to create the whiff of authenticity if you’re going to take readers into a futuristic-sounding world that is all too real and present. I’d heard about Pegasus, the Israeli malware that can hijack your smart phone, including the camera and microphone (as well as send texts). But it’s largely the preserve of intelligence agencies and not the sort of thing you or I would ever get our hands on. SHODAN, on the other hand, has been available to everyone since it was developed by a young Seattle-based software developer called John Matherly, back in 2009. It also targets “the internet of things” – all those domestic devices that are linked to the web in so-called smart homes: heating, the fridge, the kettle, security cameras.
SHODAN is essentially a search engine that identifies any internet-connected device on your network. Most of the time, it’s a force for good, used by cyber security firms and law enforcement agencies to highlight weaknesses in, say, a company’s IT systems. But it’s also used by hackers who want access to our homes for nefarious purposes, whether it’s to rob us or, more pruriently, to spy on our private lives.
One of what I hope is the scariest scenes in No Place to Hide is when Adam realises that someone who means to harm him and his family has hacked into the baby monitor and is watching his children asleep. This is not so unlikely as it may sound. Most of us, when we buy a security camera for the front door or a webcam to keep a watchful eye on our children, don’t change the password on the device. SHODAN not only identifies any device that might be linked to the home Wi-Fi, it also checks to see whether it’s secure or not. A staggering number of devices are used with the factory default “admin” as the username and “1234” as the password. It might only be your printer that’s unprotected, but that could be a way into more sensitive devices using your home router. (In particular, SHODAN searches to see if Port 554 on your router, used by Webcams, is secure.)
If anyone needs proof that, say, public cameras are insecure and can be easily accessed, take a look at the website insecam.org. This carries live feeds from thousands of network surveillance security cameras around the world that haven’t changed their passwords. “These cameras are not hacked,” a statement on the website claims: “All cameras listed on the site do not have any password protection.” A quick scroll reveals a front door security camera in Eindhoven, a hotel foyer in Sochi and a shop in Gora, Poland. 97 unprotected security cameras are currently listed for the UK (you can search for any country apart from China), including a traffic camera in Swindon, a flight school in Lee on Solent, and a builders’ merchant in Exeter. (For some reason, Newport has lots of unsecured cameras.) Some are clearly public webcams, but the majority are private security cameras that weren’t intended to be live-streamed on the internet.
Modern technology provides numerous opportunities for the thriller writer, but it’s easy to wear your research on your sleeve. I sprinkle a few nuggets of technological truth through the text (SHODAN plays a crucial role in one major scene), but you can quickly lose readers if you go overboard. Most of the computer content is channelled through a character called Ji Ma, a technepreneur who also provides some comic relief. I also made sure that Adam, the main character, is a bit of a Luddite when it comes to technology, another way of trying not to alienate the lay reader. If early reviews are to be believed, readers have gone away to turn off their Wi-Fi at night, stick plasters over their computer cameras and change the password on their printers. As Joseph Heller wrote in Catch 22, “Just because you’re paranoid doesn’t mean they aren’t after you.”
No Place to Hide by J.S. Monroe is published by Head of Zeus an Aries Book (13 April 2023) HBK £20.00
Events
17th May
11am Fowey Arts Festival, Cornwall. Link to tickets here. https://www.foweyfestival.com/event/s-j-monroe-no-place-to-hide/
Wednesday 8th June and is part of Crime Writing Month
https://www.thesmallcitybookshop.co.uk/event-details/a-night-of-bristol-crime
14th June Waterstone’s Cambridge. Event with LC North at 6.00 – 7.30pm. Link to tickets here. https://www.waterstones.com/events/search/author/3828032/shop/cambridge-sidney-str