As well as enabling you to remotely keep an eye on your home, wireless security cameras should also protect your data security and home privacy.
But our product tests and investigations have revealed models that lack even basic protections, and could put you at risk of being hacked.
There are many different ways that an indoor surveillance camera might be targeted by hackers.
Weak or generic default passwords are one of the most exploitable issues you'll find. Some wireless cameras come with weak usernames, such as ‘admin’, and also easy to guess passwords, such as ‘admin’ (again), ‘888888’ or ‘123456’. Attackers know this, and can scan for cameras that are online to try these weak login details to gain access. You can also use a to help.
Password security is also an issue if the camera sends unencrypted data. Even if you change the camera’s password, some cameras will send it, unencrypted, over the internet. This means that when you enter your password, an attacker could steal it and use it to access your camera. Some cameras even transmit your wi-fi password, too, putting your home internet at risk.
With some cameras, an attacker can take complete control over the device – known as full camera takeover. This involves gaining what’s known as ‘root’ access to the camera; a bit like having the keys to the front door of a house. They can then tamper with virtually any aspect of the camera and even load it up with malware.
Unless the camera starts moving without you doing anything, or a voice sounds from the built-in microphone, you might not actually know that your camera has been hacked.
However, the impact of a hacking attack can be devastating; from intrusion to your privacy to potential compromise of other connected devices you have at home.
Dodgy cameras can be easily hacked from anywhere in the world. A hacker could be in a bedroom in America and watching your home on their laptop. The attacker might be able to pinpoint your exact location using the camera, and if it has a microphone, they could even be able to talk to you through the device.
If your wireless camera lacks basic security and it’s connected to your home network, it could put other devices, such as laptops or smartphones, at risk. In this scenario it becomes like a ‘fox in the hen house’, able to mount local attacks and possibly even steal your personal data.
A botnet is a vast army of compromised devices that are harnessed by cyber-criminals to mount large-scale online attacks. Wireless cameras with weak security are prime targets for this as they can be easily loaded up with malware. This might not have a direct impact on you, but can contribute to wider cyber-crime.
While some wireless cameras have inherent security issues that are difficult or impossible to fix, in most cases there are things you can do to help secure your wireless camera in the home.
As covered above, many wireless cameras have weak default passwords that are easy to guess. Set a secure password connecting three random words that you’ll be able to remember.
These provide vital new protections against security threats. Check the camera’s settings to see if you can set it to run updates automatically so you don’t have to remember to do it. Also, always run updates on the camera app in your smartphone.
If your camera offers it, this extra layer of security can stop hackers dead in their tracks. 2FA allows you to request a passcode when you log into your account, in addition to your username and password. The passcode can be sent to your phone, so only you will see it and be able to gain access.
If you’re worried about someone snooping in on your home through your camera, deactivate it by unplugging the power. We have Best Buy cameras that have been checked for effective security protections and are available from £60.
If you want to sell your wireless camera, check the settings or the manual (if you still have it) for instructions on how to restore it to factory settings. After you complete that process, you can delete the app from your phone.
Despite being a relatively novel addition to the home, wireless cameras are gaining in popularity, in part down to falling prices.
You'll find a range of well-known brands, such as Hive, TP-Link, Swann, the Google-owned Nest and Amazon's Ring on sale at major retailers such as Currys and John Lewis.
However, if you're shopping online, you may notice a huge number brands you may not have heard of, particularly on online marketplaces such as Amazon, eBay and Wish.com.
This huge influx of smaller brands at cheap prices has made the buying decision more difficult, and our investigations have revealed that it's important to be wary.
For this reason it's important to shop carefully – cheap isn't always cheerful in this market.
Wireless camera from unknown brands may have hundreds, maybe thousands of positive reviews, but make sure you read the negative ones, too. They may alert you to worrying issues with the product, including potentially even hacking risks.
If the company that's selling the camera doesn't have a website or any contact details beyond a generic email address, be cautious. If you can't find the brand online at all, it's best to avoid it and go for a more established brand.
If something goes wrong with the camera or you have questions or concerns, do you know where to turn for support? Email or call the manufacturer with a pre-sales enquiry to see how easy it is to get in touch.
If you do buy the camera and decide to review it, be wary of posting images of the camera or the app as this might reveal information that's valuable to hackers, such as the camera's ID or even password.
Which? members can access the results of our full wireless cameras tests, in which we carefully scrutinise security, along with other factors like performance and ease of use. Only those with the highest standards can become Best Buys, and any models that pose a critical risk are named Don’t Buys.
We test for a range of security and privacy-related issues, including:
If we find any significant vulnerabilities with wireless cameras, we contact the manufacturer to disclose our findings and get them to fix the issue. If they don’t, then we will advise you not to buy the camera.