If you’re a parent, the thought of some stranger anywhere in the world being able to watch your baby’s every move is probably a terrifying thought, and with good reason.
Parenting is hard enough as it is, and finding out the devices you use to make it just a little easier could make you and your child vulnerable to the whims of malicious hackers is concerning, to say the least.
So the bad news is that several popular baby monitors are pretty easy to hack, and some creeps do exactly that for unfathomable reasons. But the good news is that there are steps you can take to correct this glaring security oversight, so keep reading to find out what they are!
Here’s What You Need to Know About Hackable Baby Monitors:
A study from a few years ago found major vulnerabilities in several popular baby monitors. In theory, all baby monitors are hackable, just as all devices of any kind with an internet connection or radio receiver are theoretically hackable. Some are less protected and could then be easily hacked.
Knowing this, digital security is best ensured by making your devices as difficult to hack as possible.
While it’s always theoretically possible to gain access, basically nobody is going to devote the time and energy to break through a securely password-protected, encrypted device.
But an unsecured baby monitor that’s still using the default password? That’s fair game to every creep on the internet with even moderate computer literacy.
Internet Vs. Radio Baby Monitors: Which Is Easier to Hack?
Don’t worry, we’re going to talk about the specific products considered most vulnerable to hacking in just a bit, but before we do, it’s worth taking a look at how the different broad categories that baby monitors fall into make them more or less susceptible to hacking.
Like we said above, in theory, any baby monitor can be hacked, but whether or not it’s connected to the internet makes a big difference in how that can play out.
Wi-Fi baby monitors or any other kind of baby monitor that connects to the internet in any way (i.e. through an ethernet cable if not Wi-Fi) can be accessed from people anywhere in the world.
If they’re unsecured or particularly vulnerable, then anyone in the world with even a little bit of computer savvy can hack into the feed, see your baby’s every move, and even talk to them through two-way monitors.
Shorter-range radio-based baby monitors that only work within a short radius (usually covering your home and maybe your yard too if you’re lucky) can still be hacked, but because of their short-range, someone would have to be nearby, no farther away than a next-door neighbor’s house at most.
What’s more, radio monitors require slightly more tech-savvy to hack, so while it’s possible, you’re probably safe as long as you can trust your neighbors not to be creepy baby-watching radio experts.
It’s for this reason that all the specific models we’re talking about today are Wi-Fi baby monitors.
If you’re worried about your and your child’s privacy and don’t mind losing the convenience of a Wi-Fi monitor, you can simply sidestep the issue entirely by getting a short-range radio monitor instead.
But if you value the ability to check on your child from anywhere, not just another room in your house, keep reading to find out which products are most vulnerable to hacking, and what you can do about it.
Read our blog about 8 problems with Arlo baby monitors.
Which Baby Monitors Are or Were Easiest to Hack?
We’ve covered the fact that internet-based baby monitors are the easiest to hack, but which brands of baby monitors have been the most vulnerable over the years, and what, if anything, have their manufacturers done to fix this?
Let’s take a look at some of the worst offenders from the past several years, and what the companies responsible had to say about it.
iBaby M6 and M3S
iBaby makes a variety of baby monitor products with lots of handy features. At one point, their website had a glaring security oversight that allowed any authenticated user to pretty easily access any other authenticated user’s information.
This effectively meant that a hacker could buy an iBaby monitor and authenticate themselves on the sight, or hack their way through the authentication. Either way, they could then spy on basically anyone using an iBaby monitor.
As far as we can tell, the M3S has been discontinued, but the M6 appears to still be on the market. Further, since this was a problem with iBaby’s website itself, the vulnerability could apply to any of their internet-enabled products.
The good news is that iBaby Labs actually did something about this problem. These days, hacking an iBaby Wi-Fi monitor is much more difficult without knowing the serial number of the camera they want to hack. So never share the serial number with anyone you don’t trust if you do use one of these monitors.
Phillips In.Sight B120/37
This unit shipped with hard-coded credentials that could not be changed and which made it very easy for any hacker to gain access.
Phillips has since discontinued this product, but we include it in our list as a warning to anyone who might still have one lying around that they bought in the past. If you do, you probably shouldn’t use it; you’re better off purchasing a new, more secure model.
Summer Baby Zoom WiFi Monitor & Internet Viewing System
This device by Summer Baby had, and may still have, a problem where an attacker can remotely try to add themselves as a valid user of your camera, and then get an email allowing them to register such an account, with no notification to the folks who actually bought the camera.
As far as we can tell, this product is still on the market, and we’re unsure if Summer Baby has ever taken meaningful steps to correct it.
For this reason, it’s recommended that if you have one of these monitors, you use it on the Local Area Network (LAN) setting and use a firewall to block camera access to the internet.
Of course, at that point, you won’t be able to use it safely as a Wi-Fi monitor with all the convenience that entails, and you might be better off just avoiding the product altogether.
This is another one that ships with hardcoded credentials that you can’t change and which hackers can very easily use to get access to the camera.
It’s “currently unavailable” on Amazon, but we’re not sure if it’s discontinued or just out of stock for now, so it’s worth a mention for anyone who may already have one or in case it goes back on sale.
There’s really not much you can do about an issue like this, so your best bet is to simply avoid the product, and toss it if you already have one.
This one does appear to be discontinued, but as before we’re mentioning it anyway for the benefit of anyone who already bought one in the past and might be considering using it now, or is still using it.
Yet another case of pesky hardcoded credentials, just toss the Gynoii if you have one and get a more secure model.
What Can I Do to Prevent my Baby Monitor from Getting Hacked?
It’s worth noting that our list is far from exhaustive, and it may be a little out of date. There hasn’t been a lot of research into this problem, so a seven-year-old study was the most recent in-depth look we could actually find.
Furthermore, these issues can crop up on any internet-based baby monitor, so it’s important to know what to look for and what you can do about it.
Firstly, before you purchase any internet-based baby monitor, you should find out if it will allow you to change your username and password, or if these things are hardcoded into the model. We’ve mentioned how hardcode credentials make it very easy for hackers to gain access, so avoid any device that uses them.
Secondly, once you’ve found a monitor that lets you set your own credentials, make sure you change them immediately upon setting up the device.
After that, consider changing your password every month or so for good measure, and of course never give it out to anyone you don’t trust to have your and your baby’s wellbeing at heart.
Finally, unplug your baby monitor’s power when you’re not using it. Making sure the camera isn’t plugged in when you don’t actually need it will minimize the opportunities hackers have of tuning in to your camera. Also, educate yourself on what baby monitors needs to be plugged in at all.
While you can never completely guarantee that your internet-connected baby monitor will never be hacked, if you follow all these guidelines you will drastically reduce the chance of it happening.
We hope this helps bring you some much-needed peace of mind in your parenting journey!
Check this blog about 5 problems with VTech baby monitors.