Baby monitors are vulnerable to hackers: Here’s how to secure your devices

A security report says that many popular Internet-connected baby monitors are susceptible to common hacking attacks. Users of the "Internet of Things" can disable certain features – and beef up their network security – to stay safe.

Philips
A Philips In.Sight B120, one of the baby monitors studied in the security report, is shown next to its companion app for iOS devices.

As the “Internet of Things” has expanded, the network has grown to include refrigerators, cars, light bulbs – and baby monitors. Internet connectivity allows parents to live-stream videos of their children straight to their laptops, tablets, or smartphones.

But many of the most popular Wi-Fi-enabled baby monitors lack basic security controls and could be susceptible to hacking attacks, security researchers warned in a new report.

Technology security firm Rapid7 tested nine different Internet-connected baby monitors for vulnerabilities, and concluded in a report that all were reasonably susceptible to common hacking attacks.

“Overall, we did find some devices that had some very easy-to-exploit issues,” Mark Stanislav, one of the study authors, told ABC News.

The monitors were designed in such a way that an attacker could use them to pull personal information from a user’s home Wi-Fi network, or even gain access to the devices themselves to take control of the monitors’ cameras and microphones, the report concluded. Eight of the tested baby monitors received a security grade of “F,” while one received a grade of “D.”

The notion of a hacker spying on someone’s infant is creepy, but the baby monitors may also open users up to other kinds of hacks.

“A compromise on an otherwise relatively low-value target – like the video baby monitors covered in this paper – can quickly provide a path to compromise of the larger, nominally external, organizational network,” the researchers wrote in their paper. In other words: hackers could exploit baby monitors or other Internet of Things devices used by corporate officers in order to gain access to entirely separate business networks.

How can users who have baby monitors, or other Internet-connected devices, stay safe from hacks? Rapid7 recommended that parents disable extra features such as storing video footage on the Internet, and that they unplug monitors when they’re not being used. It’s also a good idea to make sure that your Internet of Things devices are connected to a secured Wi-Fi network (one protected by a strong password), and not a public access point.

The researchers recommended that the manufacturers of Internet of Things devices do a better job of building in security features that are turned on by default, as well as of delivering security patches via the Internet when flaws or vulnerabilities are discovered. One of the baby monitor makers, Philips, responded to the report with a timeline for patching the security flaws it uncovered.

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.