Ring hacked: doorbell and camera security issues

What are Ring security devices?

Ring is an Amazon-owned home security company which offers smart security cameras and video doorbells.

The Ring doorbell is a smart home device that allows you to control your front door remotely. It’s mounted next to your front door and connected to your mobile device via Wi-Fi. When someone comes to your house, you can see the person through the camera and let them in remotely.

The company also offers indoor and outdoor cameras which allow you to monitor your home while you are away, check on your kids, or keep an eye on your pets. The cameras are equipped with motion sensors and a two-way talk feature, allowing you to talk to someone in real time.

How Ring's smart devices threaten your safety

Ring has long been subject to various security issues. While some have been addressed and eventually resolved, Ring security cameras and doorbells still have a bad track record. This leaves us with the question: Can Ring devices be hacked? The answer is yes, they can.

Researchers at Dojo, an internet of things security company, have found that bad actors can intercept your Ring doorbell by accessing the network it uses. This is possible because the data traveling between the Ring device and its application is not encrypted. As a result, anyone who’s hacked your Ring device can monitor who enters or leaves your house and can even steal your Wi-Fi password. Moreover, they can trick you into letting in a stranger by showing you a video of someone you know. Amazon claims that the issue was fixed in later versions of the app.

Ring cameras are not any better. Ashley LeMay sued Ring after a stranger talked to her daughter through a hacked indoor security camera. An unidentified hacker gained access to the camera and its microphone and told the 8-year-old that he was Santa and that she should destroy her belongings. Another family also had their Ring camera hacked — a cybercriminal started talking to them as they were getting ready for bed.

Take a look at this news report featuring videos from hacked Ring cameras:

While Ring can be held accountable for most of these issues, users are not completely blameless either. People rely heavily on companies to safeguard their data, often forgetting to be cautious themselves. In 2019, more than 3000 Ring users’ credentials ended up online. They came from a credential stuffing attack, not the company’s databases. The hackers took username and password combinations from other breaches and used them to log into Ring accounts. Since people tend to use the same credentials for most of their accounts, many of those attacks were successful.

The incident may not have occurred if Ring had any additional security protocols that inform their users about logins from unfamiliar IP addresses. It’s also impossible to view your account's login history to determine if someone’s been snooping around.

Countless reports submitted by Ring users make it even harder to trust the company’s security choices. Some claimed they still managed to log into the app using their old password after changing it — and that’s with two-factor authentication enabled. Another incident involved a Reddit user who reported that his Ring doorbell was sending packets of data to China. The company has acknowledged the problem and promised to issue an update to resolve it.

How to prevent Ring camera and doorbell from getting hacked

Ring security cameras and doorbells sound like a great solution for keeping you and your home safe. However, they may present other potential dangers to you and your family. If you plan to use them, always take the necessary precautions and never fully rely on companies to do it for you:

• Safeguard your Wi-Fi with a guest network and use a strong password. Make sure to have well-customized settings (e.g., do not share your Wi-Fi publically and disable SSID broadcast);
• Come up with strong, unique passwords for your devices and use two-factor authentication for additional protection;
• Use a firewall and antivirus software to protect your home network from strangers;
• Mount your devices securely to prevent them from being stolen;
• Always keep the software up-to-date. This includes both the device software and the Ring app on your phone. Updates come with essential security patches, so it’s important you install them right away;
• Do not share Ring videos on social networks as it might jeopardize your security and privacy. In 2009, Ring was criticized for using videos shared on its Neighbors app to provide tips on suspects;
• Do not keep old footage. When a hacker logs into your Ring account, they can access not only the camera’s live stream but also older videos. Deleting them will ensure there’s less information about you in case of a breach;
• Go one step further and secure your home network with a VPN. A reliable VPN provider, like NordVPN, will hide the IP addresses of your IoT devices and encrypt the data they send and receive. Need help installing NordVPN on your Wi-Fi router? Here’s a helpful guide on how you can do it.

NordVPN will protect your home network from snoopers. Try it with our risk-free money-back guarantee for 30 days!