How safe are baby monitors from hackers?

Hackers are targeting baby monitors and other home cameras in order to watch live footage of unwitting households, the UK government is warning.

The National Cyber Security Centre (NCSC) has teamed up with consumer group Which? to advise owners of cameras that can be accessed over the internet on how to protect their privacy.

Footage from hacked smart devices can “also be used by thieves and criminals to assist them when performing burglaries or similar attacks”, as Sky News reports.

Subscribe to The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

SUBSCRIBE & SAVE

Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Sign up

“There are many examples of devices being accessed without permission,” adds the BBC. “In one, the attacker spoke to a young girl, pretending to be Father Christmas.”

What happened in the ‘Santa Claus’ attack?

In December, Tennessee TV channel WMC Action News 5 reported the “chilling” experience of a local family who had set up a home security camera made by US firm Ring in the bedroom of their eight-year-old daughter.

The girl’s mother, Ashley LeMay, claimed that within days of installing the device, a hacker used it to speak to schoolgirl Alyssa.

In video released by the family, from DeSoto County, a man can be heard saying: “I’m your best friend, I’m Santa Claus... don’t you want to be my best friend?”

According to the broadcaster, the unidentified hacker “taunted” the girl and “encouraged destructive behaviour” before her father unplugged the camera.

Camera manufacturer Ring told Action News that there had been no security failure, and the LeMays admitted that they had not set up two-stage identification on the camera.

How can I make sure my cameras are safe?

The NCSC suggests three key steps to reduce the risk of camera hacking:

Change your default password: many devices come with a factory-set password that is easily guessable, such as “01234” or “password”. The NCSC suggests choosing three random words and combining them to make a memorable but hard-to-guess password.

Keep the software up-to-date: as hackers discover vulnerabilities in software they can exploit to take control of a camera, the companies that make the devices work to close those loopholes. So it is essential to keep the camera’s software, sometimes called “firmware”, up-to-date.

Switch off remote access: if you are not using the ability to access a camera remotely via a handheld device – for instance, if your camera is a baby monitor and you only use it from the next room – make sure that feature is turned off.

–––––––––––––––––––––––––––––––For a round-up of the most important stories from around the world - and a concise, refreshing and balanced take on the week’s news agenda - try The Week magazine. Start your trial subscription today –––––––––––––––––––––––––––––––

What else is being done?

The Government announced plans back in January to bring in new laws for connected devices such as smart cameras.

Under the proposals, manufacturers would be forced to make sure passwords are not resettable to any universal factory setting, provide a public point of contact for the reporting of security bugs, and explicitly state how long they will provide security updates for their devices.