Always feel like someone’s watching you — or your baby? The New York City Department of Consumer Affairs is launching an investigation into baby monitors to find out how vulnerable they are to hacking. It sent subpoenas to several video monitor manufacturers and will investigate whether they’ve fixed known vulnerabilities and if they’re engaging in false advertising when it comes to security claims.
“Internet-connected devices like video monitors provide convenience but without proper safeguards, they pose serious privacy risks,” DCA Commissioner Julie Menin said today in a statement. It’s not just the stories that make the news when a parent hears voices coming through the baby monitor or notices the camera following their every movement. Connected cameras and baby monitors have lots of known vulnerabilities, and many device owners may not even know they’re at risk.
Related: The FDA wants medical device manufacturers to be proactive about cybersecurity
A September 2015 report from security analytics provider Rapid7 gave eight of the nine baby monitors with cameras it analyzed an F (as in fail) when it came to security. The other received a D. The cameras were transmitting video without encryption or had easily cracked default passwords. HP conducted its own study and found that all the Internet-connected home security systems it tested had encryption and password issues. Some wouldn’t lock you out if you tried repeatedly to guess the password and others simply let you choose weak passwords or leave the default one in place. Back in 2014, an article published on Motherboard detailed a website that collected video streams from over 73,000 IP cameras whose owners never changed the devices’ default passwords.
As the DCA investigates, it has some advice for those with Internet-connected baby monitors: Do your research to see if your camera has known security vulnerabilities, regularly change your difficult-to-guess password, register your device to get firmware and other updates, and turn the camera off when you’re not using it.
- Lenovo protected its file sharing app with “12345678” password
- This smart home security camera can report suspicious people and cars
- Google employees discovered how to hack a corporate network just by sending an email
from Planet GS via John Jason Fallows on Inoreader http://ift.tt/1SceqdJ
Jenny McGrath
More Stories
‘My 401k Misses You’: Black Woman Pumped To Meet Donald Trump In Philadelphia – July 18, 2023 at 04:56PM
Energy Provider Warns of Impending ‘Crisis,’ ‘Blackout Conditions’ Driven By Biden Plans – July 18, 2023 at 04:20PM
Dog starts barking at cows crossing a bridge, so the cows stop to have a look. – July 17, 2023 at 02:27PM