The Short of It
Security flaws have been detected in numerous Internet-connected video baby monitors, according to new research released Wednesday from tech security firm Rapid7 Inc. That means it could be easy for hackers to see your baby—and anything else in the monitor's view—as well as change and manage your passwords and even mess with your Wi-Fi and security settings.
In shocking—and creepy—news, the company's report found that nine popular Internet-connected baby monitors from eight different manufacturers are vulnerable to security breaches.
Internet-accessible video baby monitors are a must-have for tech-savvy parents because they allow moms and dads to monitor Baby from their computers at work or on their smartphones when they're out and about. (These aren't your mama's baby monitors, where one stays in the nursery and the walkie-talkie type device stays with mom or dad!) It seems like a cool way to keep tabs on your child when you're away from home, but apparently, many of these devices are pretty simple to hack. For example, some monitors tested by Rapid7 had hidden or unchangeable passwords (available in manuals or online!) that would make it a snap for hackers to gain access to the cameras; others have unencrypted data storage. And that's not all: Wi-Fi networks, personal computers and security systems can be at risk, too.
"Overall, we did find some devices that had some very easy-to-exploit issues," the study's co-author, Mark Stanislav, told ABC News.
The findings of Rapid7's research have been reported to all of these manufactures as part of what the firm describes as a "vulnerability disclosure porcess," and one model tested had already been discontinued. But just one manufacturer, Philips N.V. (the maker of the now-discontinued model) had what the report called an "exemplary" response. One manufacturer was "impossible to contact" while others never responded. And some, "responded with concerns about the motives behind the research, and were wondering why they should be alerted or why they should respond at all." Which, frankly, is not the type of resonse you want. (Do motives really matter when a tech security firm tells you your product can he hacked?)
I didn't even have a baby monitor when my son was young, because we lived in a cozy apartment that was so small I never needed one. But I'm in the minority there—so if you have an Internet-accessible baby monitor, check Rapid7's report—and make sure it's not vulnerable to these security flaws.