NEW YORK – Several of the most popular Internet-connected baby monitors lack basic security features, making them vulnerable to even the most basic hacking attempts, a cybersecurity firm said.
The possibility of an unknown person watching their baby's every move is a frightening thought for many parents who have come to rely on the devices to keep an eye on their little ones. A hacked camera could also provide access to other Wi-Fi-enabled devices in a person's home, such as a personal computer or security system.
The research released Wednesday by Boston-based Rapid7 Inc. looks at nine baby monitors made by eight different companies. They range in price from $55 to $260. The researchers found serious security problems and design flaws in all of the cameras they tested. Some had hidden, unchangeable passwords, often listed in their manuals or online, that could be used to gain access. Some of the devices didn't encrypt their data streams or web or mobile features, said Mark Stanislav, one of the report's authors.
The researchers tested Phillips In.Sight B120, iBaby and iBaby M3S, Summer Infant Summer Baby Zoom Wi-Fi Video Monitor & Internet Viewing System, Lens Peek-a-View, Gynoii, TRENDnet Wi-Fi Baby Cam TV-IP743SIC, WiFiBaby WFB2015 and Withings WBP01.