The dangers of the Connected Home

By Dyenamic Solitions - Last updated: Monday, August 18, 2014 - Save & Share - Leave a Comment

The Internet of Things (IoT)  lets us communicate and connect via a myriad of different technologies.

The dangers of the Connected HomeThe IoT promises to  let stuff, devices and gadgets connect in the same way that humans do via the internet.

Already it is possible to get smart thermostats, fridges, ovens, washing machines, air conditioners, lights, plugs, music players, baby monitors and many more gadgets.

With a net connected oven, it will be possible to ensure your casserole is cooked to perfection as you arrive home hours late rather than dried up and cold because there was no way to communicate with the oven and adjust its timer.

However security- or rather the lack of it is the serious problem.

One of the big issues is that if one wi-fi video camera for example makes itself available to the internet regardless of your firewall, anyone who knows your IP address would be greeted with the login screen for the camera.

With one camera recently tested, entering a default login name and password granted access to the images and sounds the device was capturing. There was no prompt to change these credentials to protect privacy.

Statistics gathered via the Shodan search engine, which catalogues devices and industrial equipment attached to the net, suggests there are more than 120,000 of just this one poorly protected gadget online already.

It was hard to know how many were giving strangers a look into homes up and down the country, they said, as there was no legal and ethical way to probe them.

The vulnerabilities in the devices emerge from the very basic web server software it uses to post images online. That insecure software is currently being used by more than five million gadgets that are also already online.

Researchers from NCC Group managed to take control of several different devices including smart plugs that can be controlled via wi-fi, a wireless music system and a blu-ray DVD player.

The NCC Group said vulnerabilities in a widely used networking system called UPnP helped his team take control of these devices.

UPnP was known to be vulnerable and kits already exist, one of which was written by an NCC Group researcher, that look for devices that use the networking protocol and try different vulnerabilities against them.

Many of the devices used UPnP to reach servers out on the wider net potentially exposing them to attackers.

Built-in passwords that could not be changed made these ripe for exploitation.

Gaining control of these devices was likely to annoy people more than anything else but other work by the company had exposed a more worrying aspect.

“The one that people really get concerned about is the microphone on a smart TV,” he said. “We were able to bug a living room through it. That’s when the internet of things starts to spook people out,” he said. “when your stuff does more than you think it does or ever wanted it to.”

The work that Microsoft and other PC software vendors were doing to harden their code was already making dedicated cyber criminals look elsewhere for targets.

The “ridiculously easy” way it was possible to subvert many smart gadgets was likely to make them a candidate for attack in the near future. There had already been examples of attackers looking to subvert domestic hardware in a bid to grab online banking data.

Posted in Cyberwars- news reviews by Dynamic Solutions, Data Protection, Internet Browsing, Technology Companies, Telephone Marketing Professionals, Uncategorized, WiFi Telephony • Tags: , , , , , Top Of Page