Is there no end to spying? Our privacy and security is under assault from sources we least expect. Sure, you know Chinese and Russian hackers are spying on us, right? Android is a cesspool for malicious malware, too. Can anyone trust Samsung with their data after all the criminal activities in the executive suite and a rash of exploding devices (shades of the original Mission Impossible’s burning tapes)?
Now we learn that IoT teddy bears have been spying on parents and children, and worse, nearly a billion have had their personal information exposed online. The Internet of Things is getting a bad reputation.
A company that sells internet-connected teddy bears that allow kids and their far-away parents to exchange heartfelt messages left more than 800,000 customer credentials, as well as two million message recordings, totally exposed online for anyone to see and listen.
This event was less of a hack and more of a crazy-assed mistake by somebody that should have known better, probably knew better, but maybe did it on purpose anyway. We may never know, but it points out an even more dangerous situation about internet connected devices and how easy they are to hack.
As we’ve seen time and time again in the last couple of years, so-called “smart” devices connected to the internet—what is popularly known as the Internet of Things or IoT—are often left insecure or are easily hackable, and often leak sensitive data. There will be a time when IoT developers and manufacturers learn the lesson and make secure by default devices, but that time hasn’t come yet. So if you are a parent who doesn’t want your loving messages with your kids leaked online, you might want to buy a good old fashioned teddy bear that doesn’t connect to a remote, insecure server.
I don’t mean to be paranoid, but if you’re using anything that connects to the internet through your home or office Wi-Fi, there’s an opportunity for malicious access and hacking. In Germany, an internet-connected doll was forced off store shelves when it was found to be spying on customers.
Wait. Are not our Macs, iPhones, and iPads connected to the internet? Yes. And they’re far more difficult to hack into and to control remotely than an internet connected refrigerator, or that cheap spy cam you bought on Amazon. It’s an estimate, but researchers say 6-billion things are connected to the internet and that includes PCs, smartphones, tablets, routers and the like; most of which are far more secure than an internet connected door lock with a spy cam on top.
Last fall, internet hackers took control over nearly a million devices– surveillance cameras (like you see on N.C.I.S.) and DVRs and used them to take down popular websites and cause general maliciousness on the interwebs.
Lorenzo Franceschi-Bicchierai puts it best:
The famous saying that “the internet was not built with security in mind” is a dogma in the world of hackers and is largely accurate. It’s becoming clear we can’t afford to think the same way while building the Internet of Things.
Is nothing safe? It’s beginning to look that way. I see a big opportunity for Apple’s HomeKit. Wherever it is.