A 24 year old South Carolina mom, Jamie Summitt, got a rather rude lesson in cyber security. She purchased a “smart” baby monitor that she could watch from her equally smart phone, only to wake up one day to find the baby monitor pointed at her.
She didn’t think much about that until she watched the camera move on its own to the spot where she breast feeds her 3 month old.
The camera, a very low end $34 camera from FREDI claims that it has NO RISK of PERSONAL INFORMATION and lifetime technical support.
When she and her husband were eating dinner together while the baby slept, her phone alerted her that the camera was moving. That prompted an Oh (fill in the blank) moment. Clearly they were not moving the camera.
Remember that consumers are not security experts and expecting to be so is doomed to failure.
To those of us in the security industry, this is not news, the hacking of baby monitors being a well worn road. Since manufacturers are not liable for the security of their products, they choose not to spend money on something that doesn’t generate revenue.
She unplugged the camera and called the police, but when the police arrived and plugged the camera in again, the peeping Tom had actually locked them out of their own camera – likely having heard the conversation with the police.
She contacted Amazon, who pointed her to the manufacturer. The lifetime tech support number was disconnected and they did not respond to email. No surprise here.
I wrote a long time about about the tests that Rapid 7 did on baby monitor security and almost all of them got an F.
So what should you do?
The first thing to do is your own research on the security of whatever baby monitor you are considering purchasing.
See if your chosen vendor offers security patches to their monitors in the past. No patches likely does not mean a secure product – just one that the vendor doesn’t care about after the sale.
Next, change the default password and make the new password something that is complex. And hard to guess.
But another simple and low tech thing to do is…
Get an old ski cap and drop it over the camera when you are home. Or at least when you are in the room. Take it off when you leave and put it back on when you come back.
At least that way the only thing the peeping Tom will see is your (hopefully) sleeping baby.
And not you in a compromising state of undress.
Information for this post came from CSO Online.