Con Watch: Are Ring Cameras Secure?

Steve Weisman is a lawyer, college professor, author, and one of the country’s leading experts in cybersecurity, identity theft, and scams. See Steve’s other Con Watch articles.

Ring brand cameras are a popular home security device; however, they have recently received negative attention due to reports of the cameras being hacked. For instance, Ashley LeMay installed two Ring cameras last November to monitor her children while she worked. Surreal video footage of a hacker speaking to LeMay’s daughter has appeared throughout the media coverage of the incident. Now LeMay and others have filed lawsuits against Ring alleging that Ring products have defective security.

It’s not as bad as you think. It’s far worse.

As disturbing as this story is, the potential problems brought about by hacking security cameras or other home Internet-of-Things devices are far more worrisome. In many instances, if a hacker is able to gain access to one device that is part of the home’s WiFi network, they could also gain access to other connected devices, such as a computer containing personal financial information or, if the victim works from home, even corporate files.

In the case of many of the victims of Ring and other security camera hackings the problem does not appear to have been a flaw in the Ring security cameras, but most likely can be attributed to consumers failing to change the default password with which the Ring camera or other device came. These default passwords are readily available to hackers on the Dark Web.

Many hackers search the Internet for unsecured web cameras and baby monitors; if the factory setting username and password have not been changed, they gain easy access to these cameras.

Hackers have published the usernames and passwords of thousands of users of Ring cameras on the Dark Web, that part of the Internet where cybercriminals buy and sell goods and services. These usernames and passwords appear largely to have been obtained through data breaches. Compounding the problem is that many people make the mistake of using the same username and password for all of their accounts, putting all of their accounts in jeopardy.

How to Secure Your Ring Camera

Creating and remembering strong, unique passwords for each of your accounts is not as difficult as it may appear. You can start with a strong base password constructed from a phrase, such as IDon’tLikePasswords. Add a few symbols like !!! and then adapt it for each account you have so that you will have a secure and easy to remember password for each of your online accounts.  Thus, your Ring password could be IDon’tLikePasswords!!!RING.   Alternatively, you can also use one of the many password managers, such a Dashlane, Avira and Kaspersky that will generate and store secure passwords for you.

Featured image: BrandonKleinVideo / Shutterstock

Con Watch: Hidden Dangers in the Internet of Things

Steve Weisman is a lawyer, college professor, author, and one of the country’s leading experts in cybersecurity, identity theft, and scams. See Steve’s other Con Watch articles.

The Internet of Things is the name for the technology by which a wide range of devices are connected and controlled over the Internet. The list of things that make up the Internet of Things includes cars, refrigerators, coffee makers, televisions, microwave ovens, fitness bands, thermostats, smart watches, webcams, copy machines, medical devices, home security systems and even children’s (and adults’) toys.

According to the research firm Gartner, 8.4 billion devices made up the Internet of Things in 2017 and is expected to increase to more than 20 billion devices by 2020.

While these internet-connected devices can be very convenient and helpful, helping you track your calories or unlock your house remotely, they also can have a much darker side.

In 2017 Italian researcher Giovanni Mellini published his findings that he was able to remotely hack into and take control of a sex toy. While a Bluetooth-enabled toy may open up new vistas for consenting adult, it also opens up frightening new opportunities for hackers.

In 2017 the FBI issued a warning to consumers about the privacy and identity theft dangers posed by internet-connected toys for children. These toys are incredibly sophisticated and can tailor their responses to a child’s behaviors and words. The toys often come equipped with sensors, microphones, cameras, data storage components, speech recognition, and GPS. Some of these toys pose a security threat in the way they gather and store information.

For instance, the doll My Friend Cayla has hidden cameras and microphones that can be used to record private conversations over an insecure Bluetooth connection. She has been banned in Germany since 2017, according to the Bundesnetzagentur, the German telecommunications regulatory agency.

The dangers can be quite serious. In 2011 researcher Jay Radcliffe hacked and disabled an insulin pump connected to the Internet, and in 2015 security researchers Charlie Miller and Chis Valasek famously hacked Jeep Cherokees.

The most prominent danger posed by the Internet of Things is when cybercriminals are able to hack your devices and then move within your home’s computer systems to access your routers, laptops, tablets, phones, and computer hard drives. From there, they can steal personal information such as your credit card numbers, bank account passwords, and other information that can be used to make you a victim of identity theft. They can also enlist your devices to distribute malware anonymously.

How to Protect Yourself

The Internet of Things can be a safe (and fun!) place if you merely take the necessary precautions.