Smart devices used at home are supposed to help people live more comfortable and convenient lives, but researchers are warning potential criminals may also exploit them to monitor their target victims.
Researchers warn that for instance when a family uses a new ‘smart’ monitor to check on their sleeping baby at night, creepily they may not be the only one peering into the crib of their precious little one. Researchers announced Tuesday that they managed to crack into most ‘smart’, internet-connected home devices easily in a matter of minutes.
Their findings mean a clear and present danger of how easily a criminal, voyeur or pedophile can take over such smart devices.
Yossi Oren, a senior lecturer and head of the Implementation Security and Side-Channel Attacks Lab at Ben-Gurion University of the Negev in Israel, added: “Using these devices in our lab, we were able to play loud music through a baby monitor, turn off a thermostat and turn on a camera remotely, much to the concern of our researchers who themselves use these products.”
The researchers use the “internet of things”, or IoT for testing a number of products that connect to the web. Such products include things like smart baby or pet monitors, security cameras, thermostats and more.
One of the researchers said that it only took about half an hour to find passwords for most of the devices and some of them were discovered only through a Google search of the brand. The findings added that once hackers gain access to an IoT device, like a camera, they can already create an entire network of such camera models controlled remotely.
The lax security on smart devices has been a growing concern. Hackers appear to be exploiting some of the loopholes in the devices to do more than just shut down websites.
There was a chilling account in Denmark for instance when a woman who bought a security camera for her home taped a video of the device turning on by itself then creepily swiveling to face her as a man whispered through the speaker.
Another account says someone else managed to take control of a baby monitor, and shockingly made a comment about a baby’s diaper and even advised the nanny that she should password protect her camera.
Researchers say it would be a good security measure to change password for the device immediately and not to stick with the default password that comes from the manufacturer.
Another tip is to always update the device regularly, and not to use the same password for multiple devices. The researchers also said it is best to only buy from reputable manufacturers and stores, and to avoid buying used items whenever possible as malware may have already been installed.