In the Scam of the day for December 28, 2018 I told you about a Houston family who were frightened when they heard vulgar threats coming from the baby monitor they used to watch their four month old son. Their baby monitor had been hacked by someone attempting to scare them. While the hacker did not pose a physical threat to the family, the threats coming from the baby monitor certainly caused distress and also could lead to identity theft and other security concerns. Now a similar story is coming from Illinois where a family reported obscenities emanating from the Nest security camera in the room of their seven month old son. Additionally, their thermostat had been altered remotely, raising the temperature to 90 degrees and it appears that this too was caused by the hacker being able to infiltrate their other Internet connected devices. While it may seem that hacking into a baby monitor may be an invasion of privacy and nothing more, the truth is that in many instances, if a hacker is able to gain access to one device that is part of the home’s WiFi network, he or she could also gain access to other connected devices, such as the parent’s computer containing personal financial information or even the capability of connected to the computers of the company for which the parent works if the parent’s computer is networked in for working from home. Many hackers search the Internet for unsecured web cameras and baby monitors that have not changed the factory setting username and password.
Many of you familiar with my work are aware of my great concerns over the vulnerability of what has become known as the Internet of Things. The Internet of Things is the name for the technology by which various things are connected and controlled over the Internet. Some of the more common products that are a part of the Internet of Things include cars, refrigerators, televisions, copy machines and medical devices. Here is a link to a column I wrote for USA Today about the Internet of Things.
In the four years since I first reported about this problem on Scamicide little has been done to correct the problem and there are no security standards required of the manufacturers of these devices. However, as I often say, the best place to find a helping hand is at the end of your own arm and there are things that you can do to protect yourself.
Anyone who has a baby monitor should make sure that the camera and software are constantly updated with the latest security software from the company that manufactures the baby monitor. It also is a good idea to, as I have advised many times previously, make sure that your router, which connects you to the Internet, is password protected and that you change the username and default password for each of your Internet of Things devices. In the case of the Illinois family the problem does not appear to have been a flaw in the Nest security cameras, but most likely can be attributed to the use of a common password with other accounts with companies that may have suffered data breaches in which the hacked passwords became available to cybercriminals. It is for this reason that it is always a good practice to have unique passwords for each of your accounts. In addition, Nest security cameras also provide the option to use dual factor authentication by which access to the system not only requires a password, but also a one time code sent to your phone whenever you or someone else tries to access the account.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”