IoT devices enter our homes out of ease and convenience, as the gadgets often optimize or streamline ordinary tasks — such as notifying us who’s at the front door or providing us home surveillance at the touch of a button. And though these devices are helpful, they also provide cybercriminals with a way to enter homes if the gadgets are left unprotected. As a matter of fact, it was reported just last week that a camera from Ring, a smart home security system, was hacked by a cybercriminal – who was able to speak directly to a child in her bedroom as a result.
So, what exactly happened? According to The Washington Post, a cybercriminal was able to get inside a family’s Ring system, specifically taking over the camera in the children’s bedroom. The crook then interacted with one of the family’s daughters via the camera’s two-way talk function, harassing her with taunts and negative statements.
Reports have stated that this attack is in no way related to a breach or compromise of Ring’s security, but rather a case of reused credentials or access to online account logins, usernames, etc. Unfortunately, this is a common phenomenon within the realm of cybersecurity – as credentials are commonly for sale or available online due to large-scale breaches or are often easily guessed by cybercriminals given users’ bad habit of reusing existing logins.
Now, this incident isn’t just isolated to Ring cameras, as it has been observed with some baby monitor manufacturers and is a growing trend. So, the next question is – what can users do to prevent themselves from experiencing a similar attack on their IoT devices? They can start by following these tips:
- Change your passwords. You should mix up your passwords as frequently as every two months. Additionally, you can use an online password management tool that creates very complex passwords that are hard to crack and you won’t have to remember on your own.
- Don’t share your account logins to give others access. Be stringent when it comes to sharing logins. While it can be tempting to share passwords to streaming services and social media, your personal login should remain personal.
- Use the “two-factor” option on your connected device. Implementing two-factor authentication can help halt a cybercriminal in their tracks. That’s because two-factor authentication adds an extra layer of protection to a device, since it requires access to a mobile phone in addition to a user’s login information.
- Keep your camera’s firmware up to date.Vulnerabilities in software do happen and having the latest firmware version will help reduce the risk of being compromised.
To stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.