Baby monitor webcam hacked

The hacking of a webcam being used as a video baby monitor has raised security concerns about the devices.
Learn more

01.Internet webcam hacked

Video baby monitor

A couple in the US has reportedly been woken up by the sound of a man’s voice in their home only to discover the stranger had hacked an internet-connected webcam being used as a baby monitor. The incident has once again highlighted the dangers of poor security on net-capable smart devices in the home.

The couple are said to have been shocked to hear a man screaming in their 10-month-old daughter’s room, trying to wake her up. The Daily Mail said the Ohio couple kept an eye on the sleeping baby using a smartphone which connected wirelessly to an internet-connected webcam attached to the crib. The unknown intruder had hacked into the camera from outside the home.

It’s not the first incident of its kind, after another US incident last year in which a man reportedly gained control of a net-connected webcam in the baby’s bedroom of a home in Texas.

Avoid the perils of remote access

Remote access baby monitors and web cameras are becoming more popular, as they allow parents to keep a close eye (and ear) on their child from anywhere in the home or even outside. The nature of the device means that people often leave them on all or most of the time. But whether you use a specially designed baby monitor or remotely accessible webcam for the same purpose, it can be vulnerable to hackers.

You need to secure your modem/router to prevent unauthorised access and any device that connects directly to the internet.

Types of baby monitors 

  • Local channel baby monitors that allow audio or audio and video monitoring locally via wireless channels, much like a cordless phone. These can still be picked up by some other similar wireless devices on the same channel unless security is enabled. 
  • IP-enabled baby monitors that work over your local Wi-Fi network and also possibly over the internet. These are different in that they use the same technology as your internet modem/router and let you keep an eye on your home from almost anywhere over the internet, but this also means that others can too if you don’t secure them.
  • Internet webcams (also called IP cameras or smartcams). These stand-alone cameras can be deployed in any room (often with a wireless connection) and don’t need to be connected to a PC. They communicate directly to a router. They are often used for security monitoring while away from home.

However, any and all devices that connect to the internet need to have proper security in place. This includes net-connected baby monitors, IP-webcams (smartcams), PC-connected webcams, PCs, modems and routers.

How to keep your connection secure

There are a few relatively simple things you can do to keep your connection secure. The first steps are to change its network name and enable encryption with a strong password. When setting up your IP camera, consider the following:

  • Update the software. Security and features get updated over time, so register the product with the manufacturer to receive updates. Also check the manufacturer’s website for any updates at time of first installation. Ensure the the firewall on your router or IP camera is turned on.
  • Change the network name, called the SSID (Service Set IDentifier). This is the name that others will see when scanning for local Wi-Fi networks. Most often it will be the make and model number of the router or device. Devices are assigned a default login and password (often as simple as something like “admin” and “1234”) to help with ease of initial setup and for resetting back to factory defaults if needed for troubleshooting. This default login and password should be changed during initial set-up. If you don’t change it, anybody can simply look up the model name and number from an online manual and login to your device and take control.
  • Use a strong password. Make sure it is unique. Don’t reuse other passwords. Make a note of it somewhere secure (not on or near the device). To check if a password you’ve chosen is “strong” enough, you can use Microsoft's online password checker. If you can’t think of a good password you can have one created for you at the strong password generator website.
  • Enable encryption. This is done in the settings menu when changing the SSID and password. Most devices offer several encryption options, including WEP, WPA and WPA2. Choose WPA2, as it is the most secure. WEP is a much older protocol that is the least secure, but is sometimes included for compatibility with older devices. Some devices come with a set-up feature called WPS (Wi-Fi Protected Setup) designed to simplify turning on security. The idea is that if both your router and wireless devices have WPS all you need to do is press the WPS button on each and they should set up a secure connection.
  • Mobile security. If you plan to access your camera from a smartphone or tablet, be sure that the relevant app is up to date and has any relevant security features enabled. Also password protect your mobile device itself, in case it is stolen or lost. Note that a camera’s mobile app might not provide the same level of security as its website (which should use https:// in the URL). If you use it on a public network, such as a Wi-Fi hotspot, you could be vulnerable. To get around this, install and use a VPN app on your mobile device, or use the built-in web browser to access the secure desktop version of the website.
  • Turn off your internet accessible camera when not in use. This narrows the window of opportunity for hackers.

See the CHOICE comparison review of baby monitors, including several compatible with mobile devices. For more general net safety tips go to Stay Smart Online.



Sign up to our free

Receive FREE email updates of our latest tests, consumer news and CHOICE marketing promotions.

Your say - Choice voice

Make a Comment

Members – Sign in on the top right to contribute to comments