Here’s something that’ll give you an incurable case of the creeps: Researchers tested nine different types of baby monitor and said they were all alarmingly vulnerable to hackers.
Ars Technica reports on the findings from Rapid7. Researchers wanted to investigate/make a point about the “Internet of Things,” meaning all those newfangled gadgets we’re putting online, like refrigerators with Pandora or whatever. Many baby monitors are now designed so you can watch the kiddo from your phone or even hand out remote access to, say, grandparents. An opportunity to watch little Susie snooze adorably, sure. But Rapid7 ordered several varieties and put them through their paces, security-wise. The results weren’t very reassuring, says Ars:
The weaknesses make it possible for hackers half a world away to perform a host of nefarious actions. They include monitoring live video feeds, changing camera settings, harvesting video clips stored online, and making an unlimited number of additions to the list of users who are authorized to remotely view and control a monitor. Researchers from security firm Rapid7 spent most of 2015 reviewing nine models from eight manufacturers and then scored them on a 250-point scale for overall security. The researchers then translated the scores into standard academic grades. Eight of the models received an F and one got a D.
“It is important to stress that most of the vulnerabilities and exposures discussed in this paper are trivial to exploit by a reasonably competent attacker, especially in the context of a focused campaign against company officers or other key business personnel,” researchers wrote. In other words, there’s the possibility that hackers trying to crack a big company could use these unlocked windows as a way to grab the info they need. But most parents will probably focus on the skin-crawling thought of somebody creeping on your baby.
Considering how damn much baby gear costs, fixing these sorts of issues seems like the least companies could do.
Contact the author at firstname.lastname@example.org.
Photo via Shutterstock.