A cybercriminal was heard scaring baby by hacking into the nanny cam — “Wake up little boy, daddy’s looking for you.” “Look someone’s coming into view.”
A few months back, we informed you about the September 2015 study in which researchers concluded that almost every “smart” baby monitor that was examined by the team was vulnerable to hacking due to inherent security vulnerabilities. And that, these weaknesses could easily let strangers gain control over the device to spy on your entire family.
Well, the nightmare has come true as incidents involving baby monitor hacking has become quite common nowadays.Voyeurs and griefers are using these vulnerabilities to not just spy on babies but to terrify them as well.
One such incident shook the San Francisco couple Jay and Sarah, who couldn’t understand what their 3-year old meant when he told them that he was scared to sleep because the “phone” continually talked to him at night, according to NBC News.
Until one night when Sarah heard a stranger’s voice coming from the monitor. It said:
“Wake up little boy, daddy’s looking for you.”
What was, even more, surprising to her was that as soon as she walked into the room, the night-vision lens of the camera installed in the baby monitor examined her and this message was conveyed:
“Look someone’s coming into view.”
Another incident with the same story
In another similar incident, a Minnesota family found their baby monitor to be hacked when they saw pictures of their baby posted online. Apparently, the pictures were taken covertly from their monitor.
Experts advise that we must change the WiFi passwords and the PIN that is used for the baby monitor, however, this doesn’t seem like a workable solution considering the extensive, deeply embedded vulnerabilities identified in most popular baby monitor models.
What’s even more, concerning is the fact that very soon some of the cloud-based firms could be hacked as well, which would be catastrophic as it will expose all the stored video streams to hackers.
The couple informed that they did use a personal-use “smart” CCTV last summer, which promised to utilize motion-detection to enable a video stream that is sent to your phone via a cloud-based platform.
However, when they checked the device’s FAQs, this entry came across as somewhat strange, confirms BoingBoing:
“We have strict internal policies and barriers in place to ensure that all personal customer data remains private and secure within the XXXX Cloud at all times. Only select XXXX employees have access keys to systems that contain sensitive customer information. Authorized access to the XXXX Cloud is granted on a least-privilege basis.”
Moreover, an email was also sent to them to verify that the device didn’t offer end-to-end encryption feature. It was revealed to the couple that the only layer of security was a startup that could be easily folded and the priorities of which would change from second-to-second. Thus, they sent the device back immediately. But, after this incident, the couple took notice instantly and called the manufacturer firm of the baby monitor, Foscam.
They were told that it was possible that the baby monitor was being controlled by someone using a KDVR, smartphone or a laptop. Now, the family’s top priority is to protect their home surroundings and informing others about this harrowing experience so that others’ babies are prevented from this nightmare.
CBS
Tech Pro Security