Ring hacked: doorbell and camera security issues

Ring is an Amazon-owned home security company which offers smart security cameras and video doorbells.

The Ring doorbell is a smart home device that allows you to control your front door remotely. It’s mounted next to your front door and connected to your mobile device via Wi-Fi. When someone comes to your house, you can see the person through the camera and let them in remotely.

The company also offers indoor and outdoor cameras which allow you to monitor your home while you are away, check on your kids, or keep an eye on your pets. The cameras are equipped with motion sensors and a two-way talk feature, allowing you to talk to someone in real time.

Ring system security issues have often made headlines. While some have been addressed and eventually resolved, Ring doorbell security issues are still high, especially since they’re not encrypted. So, can Ring devices be hacked? Yes, they can.

Researchers at Dojo, an internet of things security company, have found that bad actors can intercept your Ring doorbell by accessing the network it uses. This is possible because the data traveling between the Ring device and its application is not encrypted.

As a result, anyone with the know-how can easily hack your Ring device, and spy on you, and whoever enters or leaves your house. They can even steal your Wi-Fi password. Moreover, they can trick you into letting in a stranger by showing you a video of someone you know. Amazon claims that the issue was fixed in later versions of the app.

Ring cameras are not any better. In a Ring camera hack, Ashley LeMay sued Ring after a stranger talked to her daughter through a hacked indoor security camera. An unidentified Ring hacker gained access to the camera and its microphone and told the 8-year-old that he was Santa and that she should destroy her belongings. Another family also had their Ring camera hacked — a cybercriminal started talking to them as they were getting ready for bed.

Take a look at this news report featuring videos from hacked Ring cameras:

While Ring can be held accountable for most of these issues, users are not completely blameless either. People rely heavily on companies to safeguard their data, often forgetting to be cautious themselves. In 2019, more than 3000 Ring users’ credentials ended up online. They came from a credential stuffing attack, not the company’s databases. The hackers took username and password combinations from other breaches and used them to log into Ring accounts. Since people tend to use the same credentials for most of their accounts, many of those attacks were successful.

The incident may not have occurred if Ring had any additional security protocols that inform their users about logins from unfamiliar IP addresses. It’s also impossible to view your account’s login history. So, it’s hard to tell if someone is watching you on Ring.

Countless reports submitted by Ring users make it even harder to trust the company’s security choices. Some claimed they still managed to log into the app using their old password after changing it — and that’s with two-factor authentication enabled. Another incident involved a Reddit user who reported that his Ring doorbell was sending packets of data to China. The company has acknowledged the problem and promised to issue an update to resolve it.

Related articles

Engineering What we can learn from the massive Twitter hack

Jul 17, 2020

·

3 min read

Cybersecurity Hacker stereotypes: fact or fiction?

Apr 16, 2021

·

7 min read

Ring cameras are built into a doorbell and use motion sensors. You can temporarily disable notifications and motion recording by turning off the Ring doorbell motion sensitivity, and Ring motion alerts. After that, you need to turn off the motion control record to disable it. Here’s how:

Step 1: How to turn off Ring doorbell motion sensitivity

• Open the Ring app, select the Ring device, and click on ‘Motion Settings’.
• At the top of your screen you’ll see a slider. Slide it all the way to the left to make it as unresponsive as possible.

Step 2: How to turn off Ring motion alerts

• From the Ring app, select the Ring device. Click ‘Motion Settings’ and then ‘Motion Schedule’.
• Specify the time and date that you want motion alerts to stop, and save the changes.

Now, you won’t receive any notifications if motion is sensed at your door. At this point, you can still review any motion caught later on, even though you’ve disabled notifications.

Step 3: How to turn off the Ring motion record

• From the Ring app, select the Ring device. Click ‘Motion Record’ and turn it off.

Ring security cameras and doorbells sound like a great solution for keeping you and your home safe. However, they may present other potential dangers to you and your family. If you plan to use them, learn how to secure Ring doorbell and never fully rely on companies to do it for you:

• Safeguard your Wi-Fi with a guest Wi-Fi network and use a strong password. Make sure you have well-customized settings (e.g., do not share your Wi-Fi publicly and disable SSID broadcast);
• Create strong, unique passwords for your devices. Use two-factor authentication for additional protection;
• Use a firewall and antivirus software to protect your home network from strangers. Also, try NordVPN’s new Threat Protection feature. It helps you identify malware-ridden files, stops you from landing on malicious websites, and blocks trackers and intrusive ads on the spot.
• Mount your devices securely to prevent them from being stolen;
• Always keep your Ring software up-to-date. This includes both the device software and the Ring app on your phone. Updates come with essential security patches, so it’s important you install them right away;
• Do not share Ring videos on social networks. It might jeopardize your security and privacy. In 2009, Ring was criticized for using videos shared on its Neighbors app to provide tips on suspects;
• Do not keep old footage. If a hacker logs into your Ring account, they can access not only the camera’s live stream but also older videos. Deleting them will ensure there’s less information about you in case of a breach;
• Go one step further and secure your home network with a VPN. A reliable VPN provider, like NordVPN, will hide the IP addresses of your IoT devices and encrypt the data they send and receive. Need help installing NordVPN on your Wi-Fi router? Here’s a helpful guide on how you can do it.