Recent media reports have highlighted a troubling vulnerability with new baby monitors: being hacked.
A Houston family told their story of a hacked baby monitor to the local ABC station, which was picked up by CNN. While the hacked camera wasn’t identified in media reports, it appears to be a Foscam wireless camera, which is recommended by our book and web site.
So why did this happen? And how can you protect your baby monitor from being hacked?
First, a bit of background: in recent years, the baby video monitor market has boomed—and that has attracted many security camera companies to repackage their cameras as baby monitors. These new monitors are actually IP or network cameras, which themselves are mini computers. They connect to your WiFi network and broadcast video not only in house, but also over the internet.
To protect anyone from tuning in your baby’s nursery, cameras have passwords to prevent hacking. So how did the hacker tap into the Houston family’s monitor?
Well, the stories on the hack aren’t clear—and the dad of the Houston family commented in the ABC article that he did secure his WiFi network and Foscam with passwords.
Turns out, however, that there are security vulnerabilities with Foscam cameras—and these have been documented at hacker conferences. For the technically inclined, you can read all the details here. Here’s the problem: to stream video over the internet and make it easy to set up for users, IP camera makers sometimes cut corners when it comes to security.
And remember when we said above that these cameras are mini computers? Well, unless camera makers take precautions and plug security holes, hackers can easily exploit these holes to not only seize control of your camera, but also access your secure WiFi network, email and more. That’s because your Foscam stores your WiFi password in its memory—and that memory can be downloaded by a hacker.
So here’s how to protect your baby monitor from being hacked:
1. Change the default password. While it is unclear if this played a role in the Houston story, it is always wise to change these defaults.
2. Download the latest firmware for your camera. Once the Foscam vulnerability was exposed, the company posted updated firmware to address the security issue. Unfortunately, few folks have bothered to do this upgrade, according to media reports.
3. Don’t stream your security camera online—just view it on your WiFi network. Internet access is optional for baby monitors—if you don’t need it, don’t activate this feature. By not exposing your camera outside your home network, you minimize your risk to hacks.
4. Use a firewall on your home network.