What will you do when you hear the voice of someone you do not recognize in the room of your baby?
At the very least, the stranger is not physically inside the room, but the guy might have hacked into your baby monitor system through a loophole in the device’s camera.
Reports of hacks into Internet-connected baby monitor cameras have increased through the years because of Shodan, a search engine through which CCTV and Web cameras can be remotely accessed. The same flaw in Shodan has enabled hackers to watch sleeping kids using the hacked camera.
To help curb the growing number of incidents involving hacked baby monitors, the U.S. government has kicked off a probe on at least four manufacturers of baby monitors believed to have poor security measures in place.
As these incidents continue to take place every now and then, parents are increasingly worried about what the hackers might do to their children. It only makes sense then to take baby monitor companies to task for their insecure products, contrary to the claims made in their labels or ads.
But mere investigations would not be enough to address this concern. Parents also have a responsibility to learn more about managing a baby monitor system even if only for safety reasons. The hacked baby monitors most probably lacked the necessary security features, leading it to get exposed to Shodan and other sites that hackers use to gain unauthorized access to camera systems.
Internet connection baby monitors are equipped with a mic, speaker and camera that transmit information to wireless routers in real time, which in turn sends the feeds live to the Internet so that parents are able to keep watch of their children wherever they are via their mobile devices.
According to experts, Shodan was used to steal photos from the vulnerable baby monitors through a network of bots that worked to crawl the Internet in order to find camera systems that employ the live streaming protocol. The vulnerability emerges when the protocol does not include a password authentication system, which lets bots to gain access to the live feeds from the camera and send the photos to the users of Shodan.
The task becomes easy then for Shodan users to penetrate any device without the verification hurdles. Since baby monitors without security standards become automatically public devices, hackers easily get their way into these devices.
But security experts insist the bottom of the problem lies in the manufacturers themselves and the complacent customers.