SCARY: Computer experts show how easy it is to hack off-the-shelf smart devices like baby monitors and home security cameras

Surveillance State

Source: PrivacyWatch

April 13, 2018

by

Is anyone truly secure in their home? That may not be the case in a world where bridges are being connected by rapidly improving technology. And with off-the-shelf smart devices becoming increasingly common features in homes, it seems that it’s easier than ever to invade the sanctity of a personal space.

This was demonstrated by researchers from the American Associates Ben-Gurion University of the Negev (AABGU). Their main body of work focuses on identifying the vulnerabilities of networks and devices in the home. As part of that continuing effort, the team took apart and reverse engineered a slew of gadgets commonly seen in most homes. Through this, they were able to discover that a number of security issues plagued baby monitors, doorbells, thermostats, and home security cameras.

The biggest of these issues lay in the passwords. For one, common default passwords are shared by the same products even if they’re sold under different brand names. Very rarely do business owners and consumers come up with new device passwords after buying these products, so there’s a good chance they’ve been using an unsafe password for as long as they’ve been using a certain device. Moreover, retrieving the password stored in a device allowed the researchers to access entire wi-fi networks.

“It only took 30 minutes to find passwords for most of the devices and some of them were found only through a Google search of the brand. Once hackers can access an IoT device, like a camera, they can create an entire network of these camera models controlled remotely,” explained researcher and Ph.D. student Omer Shwartz. (Related: How to encrypt your hard drive, and why you should.)

“Using these devices in our lab, we were able to play loud music through a baby monitor, turn off a thermostat and turn on a camera remotely, much to the concern of our researchers who themselves use these products,” said AABGU lecturer Dr. Yossi Oren. “It is truly frightening how easily a criminal, voyeur or pedophile can take over these devices.”

Oren added that manufacturers should take extra steps in safeguarding their consumers. These steps can include disabling remote access, implementing complex passwords that are harder to crack, and making it more difficult for hackers to gather information from shared ports such as audio jacks.

That being said, consumers can protect themselves too. Oren and his researchers laid out a few tips for people to keep in mind before and after buying Internet of things (IoT) devices:

  • Buy from trusted manufacturers and vendors: Do your own research before purchasing any IoT devices. Also, choose to buy new devices instead of used ones. Cheaper isn’t always better, especially in this case. As per Phys.org, there have been more cases of highly vulnerable cheap devices than there have been pricey devices.
  • Keep an eye on your passwords: Some devices come with a default password, so make it a point to look them up so that you can change them before installation. Strong passwords with a minimum of 16 characters (with both letters and numbers) are the best kind of passwords. Furthermore, try to use different passwords for your various devices for that extra layer of security.
  • Avoid peer-to-peer-capable devices: IoT devices that boast peer-to-peer capabilities are hard to protect because they’ve been configured to connect to the Internet by any means possible. While it seems like a handy feature at first, it’s anything but since they become easier to access remotely.
  • Update as much as possible: Without regular patching, IoT devices become even more vulnerable. So try to update them often, and only get those updates from secure and reputable websites.

Protect yourself on the Internet by visiting Cyberwar.news for more guides on cybersecurity.

Sources include:

AABGU.org

Phys.org

Related Posts:

No Comments

Leave a Reply

Featured Video Play Icon
Surveillance State
2018: The Rise of Spying Transit Police

Source: MassPrivateI September 20, 2018 by mapi Today’s Public Transit Police Departments offer a frightening glimpse into the future of commuter surveillance. Last year the Bay Area Rapid Transit (BART) was accused of creating an app that spied on commuters travel plans, texts and emails. At the same time the Los Angeles …

Surveillance State
New York City’s WiFi Hotspots Confirmed As Surveillance and Tracking Devices

Image: LinkNYC Source: Activist Post September 11, 2018 Kevin Samson Back in early 2016 I wrote about a plan for New York City to turn 7,500 payphones into WiFi hotspots.  The program was called LinkNYC and indeed has begun its rollout with more than 1,500 now online. At the time, …

Surveillance State
Google and Apple’s Systems to Track you in Person: What the Media Isn’t Telling You

Photo Source Tyler Merbler | CC BY 2.0 Source: counterpunch September 6, 2018 by Michael Kwet Google is in the news (again) for creepy surveillance practices.  Google, AP reported, is tracking your physical whereabouts even after you tell them to shut Location History off.  Now Bloomberg reports they bought data …