Digital Baby Monitors – A New Home Invasion?!

Digital baby monitors – a new home invasion?!

Recently, reports are coming in from all over with claims of privacy invasion and how is this happening? Through bugged household baby monitors! Here are some of these recent cyber intrusions and TSCM tips to keep strangers at bay.

Baby Breach #1 – A Bug Sweep for Your Nursery.

According to KIRO TV, a Washington state child kept telling his parents of the voices that came from his bed. They shrugged it off like any other childhood nonsense. Again the boy would complain, “the telephone is talking to me again, telling me to stay in bed.” Telephone? What telephone? So the boy’s mother decided to nap beside her son one afternoon, she too heard these voices. Only, these voices were not coming from a telephone, but from the webcam placed on her son’s dresser. It was a woman’s voice. Perplexed, the mother went outside to see if anyone was beside the child’s window – no, no one. She came back in the room and this time hearing the voice say, “Oh, watch this one, she’s coming in again.” Suddenly, she noticed the camera move in her direction.

Both of the boy’s parents can now recall when they heard a man’s voice saying, “Wake up, little boy, daddy’s coming for you!” The webcam, a Foscam IP camera, was being used as a baby monitor so as to be easily accessible by both parents whether at home or away. When the parents called Foscam to inquire of this issue, they were told it was possible that someone could have hacked into their laptop and gained access to the webcam’s controls. Sadly, they reported, it was impossible to tell the location of the hackers. This isn’t so however, all that was needed to be done was for Foscam to check the IP addresses that have been accessing the camera. These cameras have embedded logs which record exactly which IP addresses have accessed the camera, according to Foscam statements made to Computerworld.

This is not the first incidence where a Foscam camera has been hacked! A couple from Minnesota heard music coming from their webcam and looked up the IP address of the intruder. The culprit – a man in Amsterdam!

Another incident came months later when the website Insecam.com tapped hundreds of thousands of private cameras who were secured with default passwords from over 130+ countries. They spied on individuals in their bedrooms, offices, restaurants, bathrooms, bars, libraries, and gyms.

As a result, Foscam finally got the hint. They no longer provide default passwords and require users to change their passwords upon registration. Password changes are all fine and dandy, but not always fool-proof. The Washington family did have a private password on their webcam and were hacked anyway. As a TSCM tip, we always recommend a second shield of protection, whether it is a firewall or a properly configured wireless network.

Baby Intrusion #2 – The Importance Behind Proper Cyber Protection.

A Kansas mother, who had an open WIFI connection but a password protected baby monitor, fell prey to a voyeur. While putting her son down for a nap, she noticed the camera to be following her. She instantly froze and yelled at the camera to stop watching her. The shocked mother then turned off the camera and immediately returned it to the store. This time she opted for one that could not connect to the WIFI and warns other mother’s to make sure their cameras are secure – just because you may not have a neighbor or live on a busy street, doesn’t mean that you are safe from cyber attacks.

Sometimes a password is not enough protection. A sure way to eliminate the suspicion is to run a TSCM sweep of your home.

TSCM Tips to Block Out Unwanted Nursery Guests:

1. Establish your internet settings. Be sure to set up WIFI through your browser so that its only accessible from your side of the network. This can be done by plugging into the local area network (LAN) or the WIFI itself. Make sure the option for “remote administration,” “remote management,” or “setup via WAN” – however it may be worded – is turned OFF. Otherwise, this opens up your internet configuration to intruders who may mess with your settings.
2. Always be sure to protect your router with a username and password of your choice, not the default! Make sure the system prompts you for this upon opening the configuration screens or when wanting to change a setting. The username is not as important as the password. Easy passwords are easy targets for hackers!
3. The WIFI set up also needs to be password protected – with something different than what is used for the router. This will add a second layer of protection. Yes, it is a little annoying but do you really want people following you around your house digitally? This password can control who uses your internet, or who has access to your WIFI. You pay for it; you should obviously be in control of its accessibility. Three WIFI security levels exist: Open – no password here, WEP, and WPA2. Never use OPEN!!! Just don’t be foolish, anyone can connect, even the kid riding his bike outside. And do not use WEP. It might sound secure, but it has encryption errors that can be easily hacked. It takes only minutes for someone to crack passwords in a WEP encryption. The safest route is using a WPA or WPA2 security encryption.
4. Be sure to update your router. You update your cell phone or computer right? So do the same with your router. The vendors publish security updates every now and again to fix any bugs that have been found. This can be done by visiting the vendor’s website and download the latest “firmware.” Firmware is the operating software update for routers. Just be sure this firmware matches up with the router model, each router update is model specific.
5. Be sure to password protect your webcam. Do not forget to set up your password, do not leave it blank and please do not leave it set to the default. If you are unsure what makes a good password or aren’t sure how to set one up, just contact the vendor and they can walk you through it.

TSCM Services can help detect and eliminate any unwanted privacy breach. To schedule a bug sweep of your home call or email us on our secure web form. As always, stay safe.