If someone messes with you, that’s one thing, but if someone messes with your kids? Now imagine remote attackers going beyond secretly eyeing the inside of your house via your wireless camera, to spying on and cursing at your child via the wireless baby monitor. Oh it's on then; time to open a can of whoop-ass and bring it to the perverted voyeur.
Most families with a baby have a baby monitor and some of those include a camera so parents can keep an eye on their little one. ABC News reported on a Houston family who had their baby monitor hacked.
Marc Gilbert was doing the dishes after his birthday dinner and he heard strange noises coming from his daughter Allyson’s room while she was sleeping, Gilbert said.
“Right away I knew something was wrong,” he told ABC News.
As he and his wife got closer to the room, they heard the voice calling his daughter an “effing moron,” and telling her, “wake up you little sl*t.”
The hacker then began shouting expletives at her parents and calling Gilbert a stupid moron and his wife a b****.
“At that point I ran over and disconnected it and tried to figure out what happened,” said Gilbert. “[I] Couldn’t see the guy. All you could do was hear his voice and [that] he was controlling the camera.”
The attacker knew the two-year-old girl’s name because he saw Allyson spelled out on the wall in her room. She did not respond to the hacker’s vileness via the baby monitor because she is deaf and her cochlear implants were turned off at the time.
The camera appears to be a Foscam, one of the wireless IP cameras about which both US-CERT and NIST have previously posted a vulnerability summary. At the Hack in the Box security conference back in April, Qualys researchers focused on what a remote attacker could do to Foscam wireless IP cameras. They warned that the search engine Shodan shows about 100,000 wireless IP cameras that can be exploited because they have “little or no emphasis on security.” In fact, using Shodan, they said two out of 10 wireless IP cameras in the wild will authenticate you with 'admin' without requiring a password. The researchers released a tool, getmecamtool, that automates most of the attacks in their “To Watch or Be Watched: Turning Your Surveillance Camera Against You” presentation.
Foscam is far from the only wireless IP camera with flaws in the firmware. In the case of TRENDnet security cameras, part of the problem is that users don’t register their product. Therefore, the company cannot contact the wireless IP camera owners to make them aware that someone can secretly spy on them unless they update the firmware.
When it comes to taking a few extra steps to set up the best possible computer or wireless device security, some people have said things like, “Why would a hacker care about me?” They don’t seem to comprehend… it’s not about you, in particular, being interesting enough to be marked as a target. It’s just that an outsider found your device and knows how to hack it.
Do you make sure you are dressed “appropriately” for public viewing while in the privacy of your home each and every time you step in front of a security camera? If your wireless IP camera is not secure, then you’ve enabled a remote attacker to hijack it and to see into your life via real-time streaming. It may be your child, or it may be you. That wireless IP “baby monitor” camera could even be used for stalking or used by burglars to determine when you are not home.
Dave Chronister of Parameter Security told CBS News that people need to use Wi-Fi Protected Access 2 (WPA2) with a long password, hopefully not something vulnerable to cracking via a dictionary attack.
Cybertron International's Bill Ramsey also advised changing the default username and password on your router, on every device you purchase, as well as on the website you use that gives you access to the baby monitor feed. Ramsey told Factfinder12, “There are some inherent security risks that come along with that and this is demonstrating that very well. Somebody being able to see and talk to your baby. Wow, that's like somebody standing in the window.”
Although Chronister compared this hack to “wardriving,” Kevin Rose and Dan Huard called it “warspying” way back in 2005 when the duo built the “first ever handheld auto-switching warspying device.” It was capable of picking up video from unencrypted wireless video cameras from 50 to 70 feet away. Leo Laporte later questioned whether it was “reverse-voyeurism or closed circuit idiocy?”
Speaking of Kevin Rose and private video captured through security cameras, Rose shared impressive footage of him throwing a raccoon down the stairs to save his dog Toaster from being attacked.