More and more smart consumer products come with internet connectivity, creating something known as the internet of things (IOT). There are many benefits and conveniences that come with these products, but also some pitfalls like reduced privacy (and sometimes much worse). Continue reading to learn about 3 Surprising Household Items You Didn't Know Could Be Hacked.
The US Food and Drug Administration recalled hundreds of thousands of pacemakers in 2017 due to doubts about their security against hacking, according to Reader’s Digest. Pacemakers regulate the heart rate, keeping it normal and controlling abnormal heart rhythms, so the dangers associated with these critical devices being susceptible to malicious interference are quite apparent, even without going into too many technical details. To avert such a catastrophe, Wired reports that security researcher Jonathan Butts has spent years hounding a prominent maker of pacemakers Medtronic, trying to remedy flaws in its security and clinch an agreement on encryption protocols.
"The time period Medtronic spent discussing this with us, if they had just put that time into making a fix they could have solved a lot of these issues," Butts said. "Now we’re two years down the road and there are patients still susceptible to this risk of altering therapy, which means we could do a shock when we wanted to or we could deny shocks from happening. It’s very frustrating."
Unfortunately, Butts’ plaintive warnings were dismissed by Medtronic as hot air. The company came to the conclusion that its products were fine as is.
"Medtronic has assessed the vulnerabilities per our internal process," the company wrote. "These findings revealed no new potential safety risks based on the existing product security risk assessment. The risks are controlled, and residual risk is acceptable."
Medtronic spokesperson Erika Winkels gave the following statement to Wired: "Medtronic deploys a robust, coordinated disclosure process and takes seriously all potential cybersecurity vulnerabilities in our products and systems.”
Winkels also brushed off warnings from security researchers, noting that “All devices carry some associated risk, and, like the regulators, we continuously strive to balance the risks against the benefits our devices provide”—a sentiment which likely roiled Butts on a visceral level.
Given the dire nature of the risks, it’s surprising that Winkels dismissed the valid concerns raised by security researchers with such a tersely worded statement, suggesting that she is likely not paid by the word.
Mired as he was in the bowels of frustration by corporate stonewalling, Butts even contemplated using an iPhone app to kill a pig remotely in order drive home the severity of the situation, but ultimately decided against it for reasons that Wired was not made privy to.
"We were talking about bringing a live pig because we have an app where you could kill it from your iPhone remotely and that would really demonstrate these major implications," Butts recounted to Wired. "We obviously decided against it, but it’s just a mass scale concern. Almost anybody with the implantable device in them is subject to the potential implications of exploitation."
2 Smart Speakers
Smart speakers are great, as many proud owners of Amazon Echo and Google Home can attest. You can play music by issuing voice commands, and sometimes, they may even help you solve murders. But other times, they can help make your life worse. Smart speakers are privy to your private conversations and the personal information you reveal in casual conversation at home, including your daily routine. If you use smart speakers to make online purchases, it also holds your credit card and other financial information, which hackers can access if they manage to break in. Be sure to keep a strong passcode on your smart speaker's account, and don't use that same password across other accounts. It's also good practice to simply be mindful of the information you share near your smart speaker because it's not possible to tell who (or what) might be listening.
1 Smart TVs
Identity theft is not a joke. Millions of US families suffered from it in 2014 alone, according to the Department of Justice’s BJS. And given the growing prevalence of online streaming subscriptions, your smart TV can serve as a gateway to more than limitless binge-watching. It may in fact turn out to be the cause of financial ruin because hackers can skim credit card and other information from your television, including important information about what you like to watch, say, on Tuesday nights.
“Researchers have found that many manufacturers set the same default passwords for the same type of devices, and often users don’t change them. This means that if you have ten network-connected devices and at least one of them you didn’t take care of—the whole network is compromised”, said Andrew Newman, CEO and founder of Reason Software Company.
If you find your television switching channels, ordering movies, and changing the volume of its own accord, it may not be the kids next door. It may be the Central Intelligence Agency, the human intelligence arm of the US intelligence community, which developed a program called “Weeping Angel” to hack specifically into Samsung Smart TVs, according to a March 2017 WikiLeaks leak. Samsung said it was “urgently looking into” protecting its TVs from the CIA, but it’s unknown whether they’ve succeeded in making their mass-produced television sets CIA-proof and protecting tens of thousands of consumers from potential snooping thereby.