Ring Security Cameras 'Pose a Threat' to Families and the Public, Privacy Campaigners Claim Amid Surge in Hack Attacks

Surveillance cameras sold by Amazon-owned company Ring "pose a threat" to families and the public," campaigners claimed today amid a rise in device intrusions.

A product warning asserting Ring cameras are "not safe" was published today by a collective of privacy digital rights groups, spearheaded by Fight for the Future. Activists are urging the public to avoid the products and help educate others of the apparent security risks.

The warning comes after several Ring cameras across the U.S. were compromised and exploited to terrorize parents and children in their homes.

"The dangers associated with these products pose a threat to families and the public," the warning says on a dedicated anti-Ring website.

"As groups dedicated to protecting consumers privacy and safety, we are issuing this official product warning: Do not buy Amazon Ring cameras."

Within the past month, numerous Ring camera intrusions hit the headlines.

In Florida, one home security system was abused to spew racial slurs at a family. In Mississippi, a device was used to taunt an 8-year-girl in her own bedroom. For its part, Ring has denied suffering an internal breach, instead blaming the issues on password reuse.

Last week, Motherboard reported on the existence of password-cracking software that was being traded on crime forums and a podcast that was live-streaming camera hacking attempts to Discord. A source told Newsweek the intrusions were made possible by a basic attack called "credential stuffing"—which hacks into accounts using previously-exposed credentials.

Ring
A "Ring Stick Up Cam" is pictured at the Amazon Headquarters, following a launch event, on September 20, 2018 in Seattle Washington. Stephen Brashear/Getty

The issues came to light after cybersecurity company Bitdefender published evidence that Ring's Doorbell Pro had a flaw that could have exposed a user's WiFi details.

"The only way to protect your Ring camera from hackers is to not buy one," Evan Greer, deputy director of Fight for the Future, told Newsweek via email.

"Companies like Amazon are intentionally stoking fear, convincing us that we need these devices to keep us safe from the outside world. The reality is they know that these devices are not safe. They're not even equipping them with the most basic security features, because they're more interested in making money than keeping families and communities safe."

Greer added: "If you want to keep your family safe, don't bring gadgets that are constantly watching and listening into your home.

"This is not a problem that can be fixed with a stronger password. It's fundamentally dangerous to live in a world full of cheap, insecure, internet-connected surveillance devices.

"I'm a parent and would do literally anything to keep my child safe. My advice to other parents is simple: don't put Amazon Ring or any other surveillance camera in or on your home."

Ring has been contacted for comment.

Yesterday, a spokesperson told Newsweek it had blocked "bad actors" from compromised Ring accounts—and was in the process of contacting customers who were affected.

"Our security team has investigated this incident and we have no evidence of an unauthorized intrusion or compromise of Ring's systems or network," a statement read.

"Recently, we were made aware of an incident where malicious actors obtained some Ring users' account credentials from a separate, external, non-Ring service and reused them to log in to some Ring accounts. Unfortunately, when the same username and password is reused on multiple services, it's possible for bad actors to gain access to many accounts.

It continued: "Consumers should always practice good password hygiene and we encourage Ring customers to change their passwords and enable two-factor authentication."

But one expert told Newsweek more should be done to protect users of the devices, which are connected to a home Wi-Fi network and managed by a mobile application.

"While it's technically true that Ring hasn't experienced a 'hack' or a breach, it's also true that Ring's customers expect better protection by default," said Elissa Shevinsky, CEO of security company Faster Than Light. "Customers trust that the cameras in their homes are safe for their families. Sensitive systems, like home cameras, should require two-factor authentication."

Ring Security Cameras 'Pose a Threat' to Families and the Public, Privacy Campaigners Claim Amid Surge in Hack Attacks | Tech & Science