In the Scam of the day for December 28, 2018 I told you about a Houston family who were frightened when they heard vulgar threats coming from the baby monitor they used to watch their four month old son. Their baby monitor had been hacked by someone attempting to scare them. While the hacker did not pose a physical threat to the family, the threats coming from the baby monitor certainly caused distress and also could lead to identity theft and other security concerns. Now a similar story is coming from Tennessee where a family reported their Ring camera installed in the bedroom of their three young girls was hacked and the hackers not only were able to spy on the children, but also actually spoke to the children through the Ring’s speakers. As disturbing as this story is, the problem is even more threatening than it appears. While it may seem that hacking into a child’s monitor may be an invasion of privacy and nothing more, the truth is that in many instances, if a hacker is able to gain access to one device that is part of the home’s WIFi network, he or she could also gain access to other connected devices, such as the parent’s computer containing personal financial information or even be able to connect to the computers of the company for which the parent works if the parent’s computer is networked in for working from home. Many hackers search the Internet for unsecured web cameras and baby monitors that have not changed the factory setting username and password which gives them easy access to these cameras.
Many of you familiar with my work are aware of my great concerns over the vulnerability of what has become known as the Internet of Things. The Internet of Things is the name for the technology by which various things are connected and controlled over the Internet. Some of the more common products that are a part of the Internet of Things include cars, refrigerators, televisions, copy machines and medical devices. Here is a link to a column I wrote for USA Today about the Internet of Things.
In the four years since I first reported about this problem on Scamicide little has been done to correct the problem and there are no security standards required of the manufacturers of these devices. However, as I often say, the best place to find a helping hand is at the end of your own arm and there are things that you can do to protect yourself.
Anyone who has a Ring camera or baby monitor should make sure that the camera and software are constantly updated with the latest security software from the company that manufactures the camera. It also is a good idea to, as I have advised many times previously, make sure that your router, which connects you to the Internet, is password protected and that you change the username and default password for each of your Internet of Things devices. In the case of the Tennessee family the problem does not appear to have been a flaw in the Ring security cameras, but most likely can be attributed to their failing to change the default password with which the Ring camera came. These default passwords are easily discovered by hackers. Internet of Things devices are also readily hacked when people use the same password for all of their accounts and one of those companies suffers a data breach in which the hacked passwords became available to cybercriminals. It is for this reason that it is always a good practice to have unique passwords for each of your accounts.
Another important way to enhance your security is to use dual factor authentication by which when your account is being accessed, the company sends a one-time code to your cell phone to use to be used to access your account so even if a hacker has your password they would not be able to access your account. Ring offers the option to use dual factor authentication. Here is the link to set up dual factor authentication on your Ring device. https://support.ring.com/hc/en-us/articles/360024818291-Using-Two-Factor-Security-Authentication-with-Your-Ring-Products
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”