Lab Report: Wi-Fi Cameras Can Be Knocked off Your Network

Background: How Home Security Cameras Work

They’re growing in popularity: Small video cameras that can sit anywhere in your home or business and let you keep an eye on things anywhere you have an Internet connection. CR has reported on a few models that work through their own mobile apps.

There are also video baby monitors that work within the home Wi-Fi network, sending video to either an app or to a dedicated monitor. These are the modern equivalent of CCTV (closed circuit TV) cameras. However, since many new cameras are on a wireless network connection, they aren’t “closed” any longer.

Potential Security Threat

And therein lies the problem: We discovered that, just like in a Mission Impossible movie, it’s easy for an attacker with a laptop to disable your security cameras from outside your house, as long as they work through Wi-Fi.

A hacker within range of your router—and that distance can extend for hundreds of feet, especially if he or she adds a special antenna—determines the name of your Wi-Fi network, the unique address of your router, and the Internet address of your camera, using free software tools available to anyone.

Then, the hacker can send the camera a “deauthorization (deauth) packet” that temporarily disconnects it from your network. If they keep sending the packets, they can prevent it from reconnecting. The hacker doesn't need to be on the Wi-Fi network itself.

What We Did

We downloaded a free hacking tool (we’ve decided not to name it) that has a number of functions, including the ability to send deauth packets. We installed it on a Microsoft Surface Pro tablet running Linux, the operating system of choice for hackers. We used an external wireless card attached to the tablet’s USB port that was able to transmit Wi-Fi packets to anyone’s network.

In our tests, it was a simple matter to send a deauth packet that would knock any Wi-Fi device, including the cameras we tried, off their network temporarily. If we wanted them to stay disconnected, we just chose an option in the tool that would repeatedly send the deauth packet.

We were even able to get one camera to reconnect to a “rogue” router we set up, which could have allowed us to take control of it once we guessed the camera’s password.

Conclusion and Recommendations

While the jury may be out on whether any given camera is truly hackable—meaning that the perpetrator can actually view its image remotely—we think the vulnerability of Wi-Fi cameras to being knocked offline makes them questionable for critical tasks, such as property surveillance and keeping a watch on kids and pets.

For those tasks, you’re better off using a camera that allows a wired Ethernet connection to your router. Unless a hacker actually logs into your network (you DO have a strong Wi-Fi password, right?), a wired camera is pretty secure.

In the wider world of the Internet of Things, there may be no practical solution to the problem of “denial of service” attacks of this sort, which can knock any Wi-Fi device off the network, including motion detectors, sensors that report when a door is opened, and other security devices.

We'd like future Wi-Fi standards to use “frequency-hopping,” in which the signal is rapidly switched among frequency channels. This is already employed by cordless phones, and it would make it much harder for a hacker to jam your Wi-Fi.

Copyright © 2005-2016 Consumers Union of U.S., Inc. No reproduction, in whole or in part, without written permission. Consumer Reports has no relationship with any advertisers on this site.