Consumer Reports has sent a letter to 25 manufacturers of IoT cameras with a call to improve their security.
“In response to multiple reports of hacks and unauthorized access of smart cameras and doorbells, Consumer Reports writes to urge your company to raise the standard of security for your connected camera, doorbell, or security system,” wrote the company.
“We request clarification on the steps you are taking to prevent hacks and unauthorized access to these cameras and the systems that underlie them.
IoT cameras are one of the worst offenders when it comes to security. Given that cameras are essentially an eye into your premises; they’re among the devices consumers expect to be most secure.
However, cheap IoT cameras in particular are notorious for poor security practices. Many devices are compromised simply because they use a default password and fail to prompt the user to change it.
If you need an illustration of the problem, directories can even be found on the web which allow you to stream all the cameras found with default passwords used.
Consumer Reports sent their letter to the following 25 companies:
- Abode
- ADT / LifeShield
- Arlo
- August
- Blink
- Canary
- D-Link
- Eufy/Anker
- Frontpoint
- Guardzilla
- Honeywell Home
- iSmartAlarm
- Logitech
- Google/Nest
- Netvue
- Night Owl
- Ooma
- Remo+
- Ring
- Samsung SmartThings
- Scout
- SimpliSafe
- TP-Link
- Wyze
- Zmodo
Consumer Reports warns the IoT camera manufacturers that its ratings will reflect whether it believes adequate steps have been taken to ensure the security and privacy of users is protected.
The company goes on to highlight the following recent incidents of hacked IoT cameras:
- A woman reported that a man had hacked her camera, which she only learned when the man started to harass the woman through the camera in her bedroom.
- A stranger also hacked a family’s camera to spew racial slurs at the family.
- A hacker demanded a man pay a ransom in Bitcoin through his connected camera.
- A woman was awoken by someone shouting “wake up” through a connected camera located in her bedroom.
- A family learned that their home cameras had been hacked only when a stranger’s voice yelled through the camera to “Come here. Come here.”
Research conducted by Consumer Reports found at least 17 reported incidences of hacked cameras in the US in December alone.
“All people have an inherent right to privacy—especially within their own homes. This right to privacy at home is protected in the US Constitution and is clearly reflected in consumer preferences regarding connected products used at home,” Consumer Reports wrote.
In a survey conducted by PCMag, the publication found that privacy was more important to most consumers than cost when it comes to smart home devices. However, the bad publicity from a manufacturer’s camera being hacked is bound to be costly – so it’s in everyone’s interests to ensure security is given the priority it requires.
