Articles Expertise

IoT Appliance Hacking: Yeah, It's Real.



Appliance Hacking: it’s real and it happened on Friday (10/26/16). We get it--smart home devices make sense in certain cases. For instance, it's highly beneficial to be able to control your vacation cabin's plumbing remotely through the winter. More and more child abuse cases have become prosecutable via nanny cam footage.  Distance can be bridged through technology and that is wonderful - until it isn't anymore. Last week, Spotify, Twitter, Pinterest, Reddit, and Paypal were subjected to a sweeping Halloween hack on the East Coast. Also, if you own a smart home device and live in that part of the country, it is possible you were unwittingly involved.

“The DDoS attack was reportedly carried out through millions of hacked connected devices like web cameras and smart fridges, seemingly innocuous items which are often poorly secured and easily compromised. “
A recent study showed that up to 79% of smart home devices were insecure (because of default or easily-guessed router passwords) If, say, Netflix is down for a few hours, it doesn’t seem to affect you that much?… Think again:
Privacy-related recalls could become more frequent as connected devices become more intimate. A hack of a smart lamp or connected refrigerator may seem frivolous, but when it’s an insulin pump or a pacemaker that is compromised, attacks can be lethal and make action more necessary. “In a sense maybe there is a turning point for certain manufacturers to say, OK we need to do something about this,” Lee said. That's terrifying. Here at Tech Wellness, we don’t give out scary warnings with solution options. This Marketwatch sister article offers some solid advice to prevent this kind of breach. Among their tips: Printers are the worst. Not only can we all agree they are the worst, they actually seem to be the weakest link and most vulnerable hole in your home network. Remember when Apple products were deemed impenetrable by viruses? That was a lovely era, but that time has passed. Purchase malware security software specifically for Mac. Which leads us to… Do your security updates for smart devices. Yeah, they’re not our favorite either. Most of them don’t auto-update, so you have to do it yourself. Updates are tailored to the most recent and savvy security threats. Don’t ignore them. 
  1. A lot of these types of breaches enter through email. Double-check IP addresses for similarly-named URL’s that look legit at first glance.
  2. Don’t log on to public WiFi and don’t use unlocked neighboring WiFi (even though it's tempting in a pinch)
  3. Don’t use common passwords or your phone number as a password. (I know of a lot of people that do this so it’s easy to share WiFi when friends come over, but it’s better to keep your password on your fridge than make it so easy to figure out for outsiders) Jumble up varied symbols, numbers and capital letters all in one passcode.
  4. Use multi-step authentication whenever possible. It is a pain, but there is this good reason banks love to use this technique. Just opt to get a one-time code texted to you whenever possible

The good thing about these kinds of widespread hacks is that they cost the device companies money and push manufacturers to be competitive with security tech. Be a smart consumer. Pick products that include individualized passcode for every consumer who purchases.  And, remember: You can opt out of being so connected (Plus, you don't really want your home to be a veritable force field of EMF energy anyway). “Smart homes” aren’t so smart after all if they leave your security and privacy at risk. What you can also do that's so, so easy and cheap--our Creepblockers effectively cover any device camera and the first to muffle your microphones on laptops. Stick them on your TV, or laptop, cell phone, anything with a little camera. Protect you and your family, because your privacy is worth it. 

Stay safe out there and we hope these solutions gave you a peace-of-mind. 

Be Well, 

XO Tech Wellness Team

Here's the research 

Leave a comment

Please note, comments must be approved before they are published