Unauthorized Viewing on Baby Monitors
Baby monitors play a great role in helping ease a parent’s mind while their children sleep peacefully in the next room. Ironically, they’ve been hit with a vulnerability that allows unauthorized viewers to gain access to a camera’s private video stream. Unfortunately, hundreds of thousands of live devices have been impacted by this.
The issue has been found in the Real-Time Streaming Protocol (RTSP), which is a set of procedures that various cameras use to control their streaming media. Although it’s scary to think of a stranger being able to see images of your child and their bedroom or surroundings, this vulnerability is stretching even further than that. Daycare centers, that allow parents and guardians the opportunity to have access to a video that is being streamed from inside the classroom, are also highly at risk.
The specific models that have been affected are the Hipcam RealServer/V1.0; the webcamXP 5; and the Boa/0.94. 14rc21. A total of 110,000 open/public camera streams have been found, that we know of. A little more than half of these cameras are used for surveillance of the exterior of stores or houses, about 10% are used for the interior of houses, and the rest are believed to be used as baby monitors.
What are some ways to keep children protected?
- Password-protect the device (usually found in the camera’s user manual). This is especially important for daycare centers.
- If the device does not allow users to set a password, avoid exposing it to the internet.
- Log into the home router and look for the “access control” or “access list” setting. This allows users to whitelist specific IP addresses, allowing only those devices to connect.
- Research each device before purchase, to make sure it’s an actual baby monitor and not a repackaged Wi-Fi webcam.
Categorised in: IT Threat