It must have been terrifying.
A young family was fast asleep when they heard a voice through their baby monitor screaming, “Wake up baby.”
A stranger had hacked their baby monitor and was watching their daughter sleeping.
A US couple has described their horror of waking up to the sound of a man’s voice in their 10-month-old daughter’s room. Heather and Adam Schreck told Fox 19 they felt ‘violated’ at the encounter.
It was around midnight when they heard the disturbance. Heather said she immediately checked her mobile phone – where the images from her daughter’s cot were streamed.
Chillingly, the camera was moving around as though following a person in the room.
Heather told Fox 19 that the voice then started screaming again. “He was screaming, ‘Wake up baby. Wake up baby.’ Then just screaming at her trying to wake her up.”
They ran to their daughter’s room. With her husband now at her side, the couple looked in horror as the camera turned from their baby and pointed at them.
The man then started yelling abuse down the camera.
That was when they realised their baby monitor had been compromised.
The Daily Mail reports the baby monitor stalker may have in fact been trying to get into the network to steal passwords.
A computer solutions expert Dave Hatter told the newspaper, “It’s not just that they want to get in and mess with your camera, they can use this as a launching off point to get into your network and potentially steal your ID or use your network to launch malicious attacks against someone else.”
It has happened before. Last year, a family in Texas had their two-year-old daughter’s baby monitor hacked.
Marc Gilbert told ABC News America that he was downstairs doing the dishes when he heard a stranger calling his sleeping daughter an “effing moron” and “little slut”.
Heather and Adam Schreck have since found out that their baby monitor had a software update they were unaware of that will help protect against further violations.
How to protect your baby monitor from hackers from Wired.com
1. Register your product
For a camera that’s, at best, one step away from the always-probing internet, registering your product means you’ll be aware of things like this firmware update from Foscam meant to address vulnerabilities that let pretty much anyone own your camera (and subsequently use it to do everything from monitor your home to run exploits on your internal network).
2. Turn on your firewall
Registering your product is only going to protect you from attacks that a manufacturer knows about and cares enough about to fix — both of which can be in doubt when you’re buying a cheapo IP camera from eBay. A good firewall around your home network will provide a basic first line of defence from attackers. If you plan to expose the camera to the wider internet so that you can monitor it remotely (possibly not the best idea, but hey) the security researchers who first exposed the Foscam vulnerability suggest limiting the remote IP addresses that can connect to your router and throttling the connection rate to protect against brute force attacks.
3. Change your defaults
Okay, we saved the most important one for last. Just like you want to change the installer code on your home’s alarm system or the default admin/admin login on your router (you have changed the default login on your router, right?), you also want to change the default settings on your camera’s software tools. Changing the login is an absolute must. Depending on your set-up, you may want to change the port the camera uses as well.