Default passwords, unsecured networks, and apps are rife with opportunities for someone to get hacked. IoT vulnerabilities are allowing for classic keylogging, brute-forcing, phishing scams, and man-in-the-middle hustles to run rampant. So while the IoT and connected devices bring some interesting and convenient ways of life, they are exposing people to being hacked every day.
We have seen hacks from the reasonably painless, to massive data breaches, and everything in between, because of the current trend of our wants and needs to be connected to the internet and the cloud. As a result, mobile phones are being used to tap into a corporation’s information, families are falling victim through their children’s toys, and smart homes are proving to be not-so-smart homes in the eyes of cyber attackers. So, what can we do about it?
Take a look below at some of the dangers associated with seemingly innocent devices in today’s IoT era.
We’ve heard this one before: someone’s phone has been hacked to leak nudes or gain access to someone’s social media account. However, the IoT is changing the way mobile devices are getting hacked. Businesses are being targeted through their unwitting employers’ tablets and phones, since better connectivity means a business where more and more employers are using their mobile devices for business and personal use. Devices can be accessed unknowingly when employers connect to unsecured WiFi, which could prompt malware downloads, which can lead straight into a company network — and just like that, a corporation is compromised. An unattended phone can be nabbed for the same reasons.
While it’s up to you to keep tabs on your phone at all times when it can be physically accessed by people you’d rather not have access to it, it is not necessarily your doing that your phone gets hacked as a result of walking through an area where your phone connects automatically to an unsecured network. And, seeing as how you need your mobile phone and other devices for business, corporations are implementing ways to eliminate the possibilities of your personal phone being hacked to get to your business network. One such method is providing secure, company-owned devices that employees can use for personal use.
In the same way hackers are using mobile devices to get to corporations, they are using children’s internet-connected toys to get to families. Toys are growing extremely advanced, with cameras in their eyes, microphones so they can talk and listen, and data storage so they can learn. However, connecting to the internet puts a child and a family at risk. Add all these cool amenities to the fact that children like to talk (endlessly) to their toys, and a hacker can spy — essentially a man-in-the-middle attack — to find out where a kid lives, their school, and name. This can be extremely dangerous for a child.
To make matters worse, if that toy comes with the ability to pay to add upgrades, bank records and personal information become visible, now putting the family at risk. “Families are tantalizing targets to cybercriminals since they tend to have less cybersecurity protection installed on their devices,” warns Panda Security. These schemes can be warded off by parents understanding the basics of cybersecurity, and talking to children about what is okay and not okay in the IoT.
It turns out that having most everything in your home connected to the internet for the convenience of being able to turn your lights off while you’re away isn’t a good idea. If your network is accessed through your compromised refrigerator, then even your smart locks could potentially be unlocked, which can be a big problem for you. How would they know you’re not home so they could burglarize your house? Because your connected security system shows them that you left an hour ago.
Smart home devices aren’t much more protected a child’s toys, and can be accessed remotely, or can be easily accessed because a household is still operating their devices on factory settings — which often means default router password. In the case of smart homes, if one device compromised, then every device is. It’s incredible what the knowledge of changing your default settings and passwords can do to deter a hacker.
Lots of hacks are because of a lack of basic cybersecurity knowledge, but all of the hacks above are because of a desensitization to the fact that we are connecting everything to the internet. IoT vulnerabilities are allowing hackers to get creative — accessing secure networks through unsecured devices. Mobile phones have been getting hacked since the beginning, but new IoT devices such as children’s dolls? While creative, exploiting children is a low for hackers, but that doesn’t deter them any more.