As we move closer to integrating our more sophisticated technology products, the Internet of Things (IoT) has become the hot buzzword of action. Connecting everything together for ease of use for our smart homes may sound like the best of all worlds, however, there is one problem that isn’t being appropriately addressed: the protection of each of these technologies against cyber hacking. When you add this additional element of AI (artificial intelligence) such as Alexa that are interconnected for our personal access and control, this opens an entirely new scope of conversation for a potential hacker’s entrance into your personal universe.
A majority of the technologies that are merged into the IoT existence are uploaded to the cloud for storage and backup. Few people consider that anything such as a refrigerator or temperature control device would be of any interest to a cyber hacker. But this is exactly the type of vulnerability that cybercriminals are looking for. In a Digital Trends article they related the method used by hackers to enter the network of a casino, simply via access of the thermostat in their on-site aquarium.
In the same Digital Trends article they state: “Israeli researchers recently tested some off-the-shelf smart home devices and found that they were able to access most of them by simply using default factory passwords. Some phone applications designed to monitor household appliances have likewise been found to contain serious security flaws. Your robot vacuum could even be giving hackers a guided tour of your home using their on-board cameras.”
The concept of IoT has opened the doors for yet another method of cyber hacking and since there is little in the way of security, it is like opening the doors to your home or business and inviting the criminals in. Even such highly rated organisations as banks are susceptible to IoT hacking, since they often purchase additional technologies like security cameras from outside vendors that don’t offer any form of protection. The providers of these tech products assume that you will have a network firewall, and this is the downfall that is being witnessed in the IoT world. Thousands of new and interesting devices are being mass produced every day, and almost all lack even the most basic security protocols.
When it comes to theft, cybercriminals look for the path of least resistance, and there is a good chance that as we increase the number of IoT devices and products, there will be a requirement of higher level security for connectivity. A team from the Implementation Security and Side-Channel Attacks Lab discovered that everyday items like smart locks, baby monitors, and doorbells have an astounding number of security risks. The researchers took a group of some of 16 of the most common off-the-shelf tech products used in smart homes (and offices) to test to see if they could hack into them. Using the factory-set default password, they were able to access 14 of the 16 in less than thirty minutes. Their original plan was to reverse-engineer the devices, but they found that it wasn’t necessary since a majority of people simply left the default passwords in place.
“Our goal at Da Vinci Forensics is to provide a detailed analysis of all of the technologies that you use to gauge vulnerability and then advise on the methods required to keep you safe. We are experts at knowing what cybercriminals are looking for, how they act, and the approaches that they take. We work closely with each new technology to ensure that you, your company, and your family are protected against the never-ending efforts of cybercrime.”
Da Vinci Forensics
Source:
https://www.digitaltrends.com/home/casino-iot-hackers-fish-tank/
https://www.digitaltrends.com/home/default-password-flaw-ben-gurion-university/