SCARY: Computer experts show how easy it is to hack off-the-shelf smart devices like baby monitors and home security cameras

Surveillance State

Source: PrivacyWatch

April 13, 2018

by

Is anyone truly secure in their home? That may not be the case in a world where bridges are being connected by rapidly improving technology. And with off-the-shelf smart devices becoming increasingly common features in homes, it seems that it’s easier than ever to invade the sanctity of a personal space.

This was demonstrated by researchers from the American Associates Ben-Gurion University of the Negev (AABGU). Their main body of work focuses on identifying the vulnerabilities of networks and devices in the home. As part of that continuing effort, the team took apart and reverse engineered a slew of gadgets commonly seen in most homes. Through this, they were able to discover that a number of security issues plagued baby monitors, doorbells, thermostats, and home security cameras.

The biggest of these issues lay in the passwords. For one, common default passwords are shared by the same products even if they’re sold under different brand names. Very rarely do business owners and consumers come up with new device passwords after buying these products, so there’s a good chance they’ve been using an unsafe password for as long as they’ve been using a certain device. Moreover, retrieving the password stored in a device allowed the researchers to access entire wi-fi networks.

“It only took 30 minutes to find passwords for most of the devices and some of them were found only through a Google search of the brand. Once hackers can access an IoT device, like a camera, they can create an entire network of these camera models controlled remotely,” explained researcher and Ph.D. student Omer Shwartz. (Related: How to encrypt your hard drive, and why you should.)

“Using these devices in our lab, we were able to play loud music through a baby monitor, turn off a thermostat and turn on a camera remotely, much to the concern of our researchers who themselves use these products,” said AABGU lecturer Dr. Yossi Oren. “It is truly frightening how easily a criminal, voyeur or pedophile can take over these devices.”

Oren added that manufacturers should take extra steps in safeguarding their consumers. These steps can include disabling remote access, implementing complex passwords that are harder to crack, and making it more difficult for hackers to gather information from shared ports such as audio jacks.

That being said, consumers can protect themselves too. Oren and his researchers laid out a few tips for people to keep in mind before and after buying Internet of things (IoT) devices:

  • Buy from trusted manufacturers and vendors: Do your own research before purchasing any IoT devices. Also, choose to buy new devices instead of used ones. Cheaper isn’t always better, especially in this case. As per Phys.org, there have been more cases of highly vulnerable cheap devices than there have been pricey devices.
  • Keep an eye on your passwords: Some devices come with a default password, so make it a point to look them up so that you can change them before installation. Strong passwords with a minimum of 16 characters (with both letters and numbers) are the best kind of passwords. Furthermore, try to use different passwords for your various devices for that extra layer of security.
  • Avoid peer-to-peer-capable devices: IoT devices that boast peer-to-peer capabilities are hard to protect because they’ve been configured to connect to the Internet by any means possible. While it seems like a handy feature at first, it’s anything but since they become easier to access remotely.
  • Update as much as possible: Without regular patching, IoT devices become even more vulnerable. So try to update them often, and only get those updates from secure and reputable websites.

Protect yourself on the Internet by visiting Cyberwar.news for more guides on cybersecurity.

Sources include:

AABGU.org

Phys.org

Related Posts:

No Comments

Leave a Reply

Featured Video Play Icon
Surveillance State
LPGA’s facial recognition “hospitality program” to be used to convince fans that everyone is a potential terrorist

Source: MassPrivateI July 17, 2018 by mapi Golf fans will be happy to know that the LPGA considers every fan a potential terrorist. Last week an article in Sport Techie revealed that the LPGA is using NEC’s biometric NeoFace facial recognition technology to identify every fan. Why would the LPGA use …

Featured Video Play Icon
Surveillance State
The Weird DARPA/Facebook “Coincidence” You Never Heard About

Source: The Corbett Report July 5, 2018 James Corbett Ever hear about “Lifelog?” You know, the DARPA project to create an automatically updated, itemized, organized, electronic list of every interaction you have, every event you attend, every place you go and everything you do? The project that was announced as …

Surveillance State
Amazon’s Fusion With the State Shows Neoliberalism’s Drift to Neo-Fascism

Image |  Elliott Gabriel | MintPress News MPN spoke to Yasha Levine, the author of “Surveillance Valley,” and Monthly Review editor John Bellamy Foster about the rise of the Amazon.com empire and the merger of Big Data, finance capitalism, and the U.S. state apparatus. Source: Mint Press News June 29, …