I’d ask, “Why is this STILL happening?” but I think we all know the answers to that, and Jim Wilson of Safety Detectives actually addresses that in his article.
The SafetyDetectives cybersecurity team has discovered a vulnerability affecting baby monitors, provoked by their misapplication/misconfiguration, which provides potentially harmful parties with unauthorized access to each camera’s video stream.
In mid-December 2020, our cybersecurity team identified numerous baby monitors that are amongst the RTSP devices that do not require authentication for unknown parties to connect.
‘RTSP’ (Real-Time Streaming Protocol) is a set of procedures used by various cameras to control their streaming media. Many baby monitors use RTSP, and it’s important to highlight that other cameras using RTSP (like CCTV cameras) could also be unsecured due to misconfiguration, and unsafe to use for some applications.
Read more on Safety Detectives.
If you are a parent or grandparent or someone who might be puchasing or using a monitoring device, read their article for a list of devices and models that might concern you.