Is anyone truly secure in their home? That may not be the case in a world where bridges are being connected by rapidly improving technology. And with off-the-shelf smart devices becoming increasingly common features in homes, it seems that it’s easier than ever to invade the sanctity of a personal space.
This was demonstrated by researchers from the American Associates Ben-Gurion University of the Negev (AABGU). Their main body of work focuses on identifying the vulnerabilities of networks and devices in the home. As part of that continuing effort, the team took apart and reverse engineered a slew of gadgets commonly seen in most homes. Through this, they were able to discover that a number of security issues plagued baby monitors, doorbells, thermostats, and home security cameras.
The biggest of these issues lay in the passwords. For one, common default passwords are shared by the same products even if they’re sold under different brand names. Very rarely do business owners and consumers come up with new device passwords after buying these products, so there’s a good chance they’ve been using an unsafe password for as long as they’ve been using a certain device. Moreover, retrieving the password stored in a device allowed the researchers to access entire wi-fi networks.
“It only took 30 minutes to find passwords for most of the devices and some of them were found only through a Google search of the brand. Once hackers can access an IoT device, like a camera, they can create an entire network of these camera models controlled remotely,” explained researcher and Ph.D. student Omer Shwartz. (Related: How to encrypt your hard drive, and why you should.)
“Using these devices in our lab, we were able to play loud music through a baby monitor, turn off a thermostat and turn on a camera remotely, much to the concern of our researchers who themselves use these products,” said AABGU lecturer Dr. Yossi Oren. “It is truly frightening how easily a criminal, voyeur or pedophile can take over these devices.”
Oren added that manufacturers should take extra steps in safeguarding their consumers. These steps can include disabling remote access, implementing complex passwords that are harder to crack, and making it more difficult for hackers to gather information from shared ports such as audio jacks.
That being said, consumers can protect themselves too. Oren and his laid out a few tips for people to keep in mind before and after buying Internet of things (IoT) devices:
Protect yourself on the Internet by visiting Cyberwar.news for more guides on cybersecurity.