Last month, we reported on the dangers of unsecured IoT devices, specifically when it comes to a smart toy or a baby monitor. Earlier this week, a family in Texas had the misfortune of witnessing that danger first-hand. Read on for the full story.
Family’s Baby Monitor Hacked – The Full Story
According to KPRC2, Texas resident Ellen Rigney reported that someone “hacked into the wireless camera system” her and her husband use to monitor their baby last Sunday night.
Rigney said that she and her husband first heard beeping noises coming from the monitor next to their bed. Initially, they thought that the beeping was due to a CO2 alert. However, they soon heard “sexual expletives” being said in their baby’s room.
“[Our] immediate reaction was that there’s somebody in here, somebody’s in my son’s room!”
The couple jumped out of bed and turned the lights in their room on. Just then, the Nest camera in their room, which was previously off turned on. A voice coming from the camera ordered them to turn the lights back off.
“Then [he] said ‘I’m going to kidnap your baby, I’m in your baby’s room.”
After rushing to check on their baby, they found no strangers lurking inside their house.
Ellen said the couple quickly turned off the Wi-Fi, disconnected the cameras, and called the police. They quickly threw out all of the Nest cameras they had in their house. Ellen says that they now use a non-connected camera to monitor their baby instead.
The Problem with IoT
As we’ve said before, IoT devices are still far from being secure. Since many manufacturers are rushing to make their mark in the IoT market, the issue of the device’s security isn’t being dealt with as a priority.
Sadly, most IoT devices don’t even have a way to update their security settings. The fact that they’re starting to get more popularized should mean that these security vulnerabilities disappear, but that doesn’t seem to be the case.
When Rigney reported the hack to Nest, they “were no help at all”. The company did not even apologize for their apparent camera vulnerability.
In a statement made to NBC News, Nest said that it has “seen instances were Nest customers have reused passwords that were previously exposed through breacher on other websites and made public.”
The company also ensure its customers that “none of these breaches involved Nest,” but did little more than ask its clients to use 2FA verification.
Secure Your Baby Monitor
Despite the terrifying reality baby monitor hacks actually happen, there are a few things you can do to secure your IoT devices.
- Do Not Use the Default Password. Most IoT devices come with a default username and password. Seeing as finding IoT devices online isn’t that difficult, that can be incredibly dangerous as the information is pretty public. I suggest that you always change your username/password combo when setting up an IoT device.
- Activate 2FA. Even though Nest’s reply was sub-par, to say the least, having activating 2FA (Two-factor authentication) on your IoT devices is actually a very good security step. 2FA means that you’ll need to corroborate your log-in to the device either via your phone or via email. This means that a hacker who has access to your device’s password still won’t be able to access it since they won’t be able to bypass the second authentication step.
- Set up a VPN on Your Router. Finally, secure your connection and ensure that it is continuously private, you should consider installing a virtual private network on your router. This way, you’ll be able to extend your VPN’s security features to all of your connected devices, including your baby monitor or camera. A VPN creates a secure tunnel that it uses to re-route your traffic and encrypt your data. In other words, no one will be able to hack into your connection and you won’t even have to remember to turn the VPN on.
Best VPN for Securing IoT Devices
I suggest you use ExpressVPN on your router, as it is widely considered to be one of the best service providers on the market. You can check out our detailed guides on installing a VPN on different router models or follow this general guide.
If ExpressVPN isn’t your cup of tea, try out any of these top-tier providers instead:
- Best for streaming and privacy
- High speed servers in 160 VPN locations
- Works for Netflix, BBC iPlayer, Amazon Prime Video, and Hulu
- 24/7/ live chat support
- 3 extra months free on annual plan
- UltraHD streaming
- Free Smart DNS proxy
- Unblocks all major streaming services
- Limited Time 72% Discount
- Unlimited VPN connections
- Over 1000 servers
- Ad-blocking feature available
- User-friendly application
- Exclusive Smart VPN feature
- Standalone Smart DNS subscription available
Baby Monitor Hacked – Final Thoughts
I understand the urge to join in on the latest tech trends. I’m a proud owner of a smart TV and a smart coffee maker myself. However, I also know that security is no longer something you can trust manufacturers to uphold. Having IoT devices is fine, but ignoring all of their vulnerabilities isn’t. Make sure you always stay on top of the latest security features and settings to keep your devices protected. Try to stay as informed as possible on all of the updates within the field, too. That way, you’ll have a solid idea of what devices require your attention and how to fix basic vulnerabilities in your home network.