You’ve probably heard the horrifying stories of parents discovering that their baby monitor has been hacked (here is an example of an article). Strangers controlling the webcam’s movement or talking to their babies at night with disturbing and inappropriate language.
As a parent, the thought that your child might not be safe in their own room is alarming. And rightly so. But if you have a baby monitor in the room, especially one that connects to your WiFi, the reality is that it can be hacked.
We’ll start by providing you with more details on how hackers could potentially crack your baby monitor. Feel free to skip this section if you don’t want to read the technical details and head directly to the checklist to protect yourself from potential hackers.
There are two main categories of safety considerations that parents should take into account when buying a baby monitor:
- Health safety from electromagnetic exposure
- Hacking security from privacy intrusion
In this article, we will focus on the privacy concerns that some baby monitors might cause. We recommend that you also read our report on the potential health safety concerns with some baby monitors.
How can your baby monitor be hacked?
Virtually every baby monitor can be hacked. But the type of monitor that you use will greatly determine how hard or easy it is for a hacker to do so.
Radio monitors communicate over short to medium range on a specific frequency. In order to hack radio monitors, a hacker would need to be in physical reach of the signal and know which frequency to communicate on. Most of the serious baby brands that we recommend in our ranking of the best baby monitors use encrypted channels, so the hacker would also need to be able to bypass that.
All in all, most modern radio monitors are very unlikely to be hacked and greatly mitigate the risks.
WiFi monitors on the other hand, connect to your home network, which is probably connected to the internet. This opens the door to anyone anywhere in the world to potentially hack your device.
The models that transmit a video feed to your mobile phone, also called Internet of Things (IoT) monitors, are a particular concern because they open the door to more potential breaches. Internet-connected baby monitors are indeed potentially vulnerable to hackers anywhere on earth, and you wouldn’t want to invite them in your child’s bedroom.
There are two different ways that WiFi baby monitor can be used: on your private network or on the Internet.
Private network WiFi baby monitor hacking risk
If you’re only using your baby monitor to share audio and video signals within the perimeter of your private WiFi network, a hacker would first need to get access to your home router. They may then try to access all the devices that use that router to connect to the internet (everything that is connected to your WiFi in your home).
All modern routers use Network Address Translation (NAT) to filter out unauthorized incoming traffic, so you should be fairly safe. Just make sure that the default option hasn’t been changed to enable port forwarding or created a demilitarized zone.
While you’re at it, we suggest you also disable remote access to your router if you changed it from its default configuration in the past. The feature can often be found under the “remote setup” or “Allow Setup over WAN” option of your router admin page.
Remember to also protect your WiFi network with a strong password to avoid someone walking within range and accessing your router.
Internet access WiFi baby monitor hacking risk
While the scenario above greatly reduces hacking risks, as long as your router and WiFi network are secured, connecting your baby monitor to an internet service is a very different story.
Some webcams allow you to access the audio and video feed even when you’re not at home. In order to achieve that, they stream the video over the internet. This opens the door to hackers cracking your password or compromising the manufacturer’s website.
This is the least secure option and one that we don’t recommend.
Why would someone hack your baby monitor?
There are typically 3 categories of people who would hack a baby monitor:
- Voyeurs: some hackers just want to peer into families’ lives as if it was a reality show.
- Pranksters: they’ll use the talk-back option in your baby monitor to wake up your baby in the middle of the night.
- Criminals: either to check when you’re not home or to try to steal personal information that was heard over the monitor’s microphone.
Bottom line: secure your baby monitor the same way you secure your computer or smartphone
WiFi-enabled baby monitors are no different from any other device that connects to your WiFi network. They won’t open the door to new vulnerabilities and aren’t inherently more easily hacked than any other IoT device in your home.
Just make sure that your network is secure and limit as much as possible the broadcasting of video feed outside of your own private network and you should be safe.
Bonus: checklist to protect your baby monitor from hacker attack
There are a few simple steps that you can take to protect your baby monitor from hackers, and your entire WiFi network altogether. Just go through our checklist and contact your monitor manufacturer if you have doubts or questions along the way.
- Secure your wireless router:
- Update your router’s firmware.
- Disable remote access to your router.
- Use a strong password for your WiFi network.
- Secure your baby monitor:
- Register your product with the manufacturer to receive software updates and fix potential security risks.
- Remove the default login details and set up a new password.
- Disable DDNS (Dynamic Domain Name System) if there is an option.
- Disable port forwarding or UPnP if it’s an option.
- Disable remote access.
- If you absolutely require remote access to your baby monitor to stream the video while you’re away, do the following:
- Change the default camera access port. It will probably be set at 80 initially, you can change it to anything above 8200.
- Regularly verify your monitor logs for suspicious activity, such as foreign IP address or strange access times.
Implementing all the checklist items above will significantly strengthen your network and help prevent your baby monitor from being hacked.