SkipToMainContent

Emerging Threats

Home security camera and doorbells: tips to help secure your devices

Hackers sometimes set their sights on home security cameras from manufacturers such as Amazon Ring, Google Nest, and other smart-home tech makers, and that has made some consumers feel less than secure.

These app-based products function by using your existing Wi-Fi network to create a virtual perimeter, but some hackers have reportedly used the devices to shout at people, blast alarms, blare music, and more.

How does this happen? Ring hasn’t had a data breach, so Ring customer data like passwords or other personal information hasn’t been exposed.

Instead, hackers accessed passwords from recent data breaches unrelated to Ring and tested them to see if they’re also being reused on Ring accounts.

They were.

If you use one or more smart home security device — or if you’re thinking about buying one — here are six steps to help secure your device when setting it up at home.

How to secure your home security cameras and similar devices

1. Use two factor authentication (2FA).
Many home security products support 2FA, but not all brands set up by default. 2FA is a method of verifying your identity. It adds a second factor of authentication in addition to your account password. To set up 2FA on your Ring device you can find instructions here.

2. Don’t reuse old passwords or share passwords with other accounts.
Passwords can be stolen in data breaches. If you’re using an old or shared password, or the default password that came with the device, cybercriminals may already have it in their possession. They may try to use the stolen passwords to access other accounts.

3. Ensure devices’ physical safety.
If you have a smart camera, doorbell, or other security devices on the outside of your house, be sure they’re securely attached. If thieves obtain the physical device, they may be able to gain access to your security footage and your home network, as well.

4. Delete what you’re not using.
If you don’t have any reason to keep your security footage, delete it. If a data breach occurs, hackers could use old footage to gain information about your home.

5. Perform software updates.
Software updates can fix vulnerabilities that hackers may know about. Here’s how to update your Ring device: Click on “device health” near the bottom of the Ring app. Under “device details,” find “firmware,” and it will tell you if your device is up to date. You can typically find instructions for performing software updates on other brands of smart home security devices on the manufacturer’s website.

6. Add shared users to avoid sharing passwords.
Many device manufacturers like Amazon Ring and Google Nest allow you to add a user to an account to share features. Do that instead of giving others the credentials to your account.

Recent incidents of smart home security device hacking

Here are a few recent cases where hackers have been able to access cameras and other home security devices.

DeSoto County, Mississippi family gets quite the scare

A Mississippi family was startled when a hacker played the song “Tiptoe Through the Tulips” in the bedroom of three young daughters, where parents used a Ring camera to monitor the girls’ behavior. One of the daughters, an 8-year-old, asked who was there, and the hacker replied, “It’s Santa. Your best friend.”

The parents hadn’t set up two-factor authentication on the device. If they had, it would have been difficult for hackers to bypass passwords.

Milwaukee home gets heated up

Samantha Westmoreland returned home from work one day to find that her Nest thermostat was turned up to 90°. Thinking it was just a glitch, she turned down the thermostat and thought nothing of it. Shortly after she heard a voice that began playing vulgar music.

A family in Cape Coral, Florida, gets racial hate speech through a camera

A man yelled racial slurs to a family’s 15-year-old son for nearly three minutes. The family ripped the batteries from the device to get it to stop.

The father contacted Ring about the incident. Ring found that the email and password that was used on the device had turned up in a data breach at another company.

A Texas family is threatened to pay a ransom or “Get terminated”

A woman was jolted awake by a hacker who had taken over her Ring camera by using the intruder alarm. After the alarm went off, a voice came from her camera, saying "Ring support! Ring support! We would like to notify you that your account has been terminated by a hacker. Pay this 50-bitcoin ransom or you will get terminated yourself.”

The hacker then accessed the doorbell camera and said, “I'm outside your front door.”

While the family was using a unique password that was hard to guess, they didn’t use two-factor authentication, which could have secured their Ring devices.

Ring states their devices have not been compromised

In a statement on its website, Ring said they investigated these security incidents and determined there’s no evidence of a compromise to Ring’s network or system.

When Ring learned about the recent security incidents, the company took action to block cybercriminals from accessing known impacted Ring accounts and contacted the affected users.

Victim of a data breach? LifeLock monitors for identity theft and threats.

Norton joined forces with LifeLock, we offer a comprehensive digital safety solution that helps protect your devices, connections and identity.


Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2020 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.