Study: Some Web-connected baby monitors vulnerable to hackers

Study: Some Web-connected baby monitors vulnerable to hackers
© ThinkStock
Parents use Internet-connected baby monitors to keep an eye on their infants from afar via a cellphone, tablet or computer — but they might not be the only ones watching. 
Some of the top Internet-connected baby monitors lack even the most basic security functions, according to research published Wednesday. 
Boston-based security firm Rapid7 looked at nine leading baby monitors made by eight companies, ranging in price from $55 to $260. 
Some of the devices don’t encrypt their data streams, making it easier for hackers to gain access and watch video. Others had unchangeable admin passwords that were listed online or in operating manuals. 
Once hackers have accessed a device, they could use the monitor as a gateway to access other devices connected to a particular wireless network. 
Researchers said the baby-monitor problem is indicative of systemic security risks associated with what is referred to as "the Internet of Things." The more points of connection there are, the more opportunities hackers have to exploit vulnerabilities. 
Individual “smart” devices have proven notoriously easy to hack — there have been confirmed reports of cyberattacks on a refrigerator, for example — but some experts say the real risk of the Internet of Things is the accumulation of a pointillistic data portrait culled from all of a consumer’s connected devices. 
“As we interact with our devices there’s this trail of digital exhaust that we leave behind,” security analyst Ken Westin told Wired. “Once you combine this data and create very rich profiles of people, I worry that it’s going to be the death of privacy.”