Why Ring Doorbells Perfectly Exemplify the IoT Security Crisis
There's been a lot of creepy and concerning news about how Amazon's Ring smart doorbells are bringing surveillance to suburbia and sparking data-sharing relationships between Amazon and law enforcement. News reports this week are raising a different issue: hackers are breaking into users' Ring accounts, which can also be connected to indoor Ring cameras, to take over the devices and get up to all sorts of invasive shenanigans.
In Tennessee, a local news channel reported on Tuesday about a case where hackers hijacked an indoor Ring camera one family had placed in a bedroom and used it to talk to three young girls. And as Motherboard first showed, there are tools available online for breaking into Ring accounts by strategically guessing the login credentials. When account thieves record enough juicy audio from people's Ring feeds, there's even a podcast where they can broadcast it.
Though it sounds shocking, the situation with Ring is far from unique. At the beginning of the year, for example, hackers launched similar attacks against Nest cameras, complete with incidents where hackers were creepily talking to children through the devices. The manufacturers behind these devices—Amazon and Google, respectively—are both billion-dollar tech giants with massive development resources. The fact that their cameras regularly feature in these kinds of cases reflects a broader industry failure to produce trustworthy internet-of-things devices that are easy for consumers to set up in a secure and private way.