We’ve invested big time in devices that are always on, connecting via wireless and cellular networks to a variety of networks. This ubiquitous connectivity is a blessing when we can’t make it up the stairs one more time to see if the baby really needs attention or is just fussing or when our vehicle’s onboard navigation system warns us of traffic delays and lets us choose a different route, but the downside is that we’re making ourselves vulnerable in a variety of ways to a variety of hacks.
Here’s a list of 10 IoT devices you probably own that can be pretty easily hacked—with sometimes inconvenient, sometimes potentially disastrous results.
- Your car
Any car built after 2005 (some say 2000) can be hacked and made to turn, speed up, or brake. A hacker who gets into the car’s internals can turn off key automated components including safety features like airbags, anti-lock brakes, or door locks. While hackers still need a point of entry access to the car’s network, new onboard infotainment system WiFi and cellular vulnerabilities and insecure gadgets plugged into the onboard diagnostic port make this pretty easy to do.
- Your thermostat
Hackers were able to access a casino’s network via an aquarium thermostat and used their access to extract its high-roller database. In 2016, Finnish hackers put the freeze on the citizens of Lappeenranta and left residents in the cold for nearly a week as the system endlessly rebooted itself.
- Your sprinkler system
Burglars can break into homes through smart home devices, especially phone apps that let you turn up your thermostat or turn on the sprinkler. Researchers have discovered significant vulnerabilities via low-security products like sprinkler controls. After gaining access, burglars can control alarms and cameras and turn them off. Interconnectivity that allows various apps and devices to communicate with each other is the big culprit here.
- Your fitness tracker
Open Bluetooth connections on Fitbit and other wearables mean attackers can send malware to the devices which would then be transferred to any PC the Fitbit came into contact with.
Once the PC is infected, the infected code can start a backdoor, crash the system, or propagate via the system to other trackers.
- Sex Toys
If your latest and greatest sex toys have any connectivity at all, they can be hijacked, including flipping switches when you least expect it and accessing video streaming intended to be private. So change all default passwords and turn Bluetooth off when you’re not playing.
The U.S. Food and Drug Administration (FDA) recently recalled almost half a million pacemakers due to lax cybersecurity that could be hacked to run the batteries down or even alter a patient’s heartbeat. While the pacemakers didn’t have to be removed, a firmware to patch security holes had to be applied by medical staff. Six different types of implantable pacemakers, all radio-controlled, were affected.
They’re typically used for patients with slow or irregular heartbeats and those recovering from heart failure. While there were no reported hacks, the FDA says that the vulnerabilities could, in worst case scenarios, cause death.
- Baby monitors
Baby monitors, first introduced in the 1930s as simple, limited range walkie-talkies, are now WiFi-enabled, smart devices with receivers, video cameras, infrared vision and a whole lot more. They’re considered barely secure secure devices and can be hacked virtually anywhere in the world via their Wi-Fi connections. They’re a perfect example of how seemingly innocuous, internet-connected devices can be pooled by hackers to launch massive denial-of-service attacks. A hacked baby monitor’s camera can “visit” your home and lock you out of the control panels.
Medical devices, typically too small to house processors powerful enough to perform advanced encryption to scramble their communications, are also vulnerable. Insulin pumps can be reprogrammed to respond to a stranger’s remote. With a USB device to look at data transmitted from the computer to the insulin pump, the USB device can tell the pump what to do.
- Smart TVs
Smart TVs now represent 70% of all new television sets sold. The streaming these Smart TV enables, however, creates a domestic security nightmare. Hackers can change channels, play offensive content or heist detailed data about TV’s users. As the centerpiece of consumers’ increasingly connected homes, it won’t be long before a hacker can leverage a compromised set to potentially control other smart-home devices, including thermostats, cameras, washing machines, and speakers. It’s not Netflix and chill if the TV suddenly changes channels, tells the washing machine to do a load of laundry, or turns on your stove.
- Amazon Alexa and Echo
Hacking other devices that can trick the Amazon Echo can mean big trouble. By cracking the WiFi key, then casting to the home’s Smart TV, hackers can turn on the TV, record a blank video with instructions for Alexa devices, upload it to YouTube and send it back over the WiFi network to give Alexa orders. One hacker turned off the lights and made a cup of tea using an iKettle 3.0.
Basic internet security is the best defense against device hacking. Never use factory default passwords. Change your passwords often. And turn off Bluetooth whenever you’re not using your devices.