With the popularity of smart devices in the home environment, security researchers have continually discovered serious flaws hidden under these “smart” cloaks. According to a report from the research team of the University of Negev Ben-Gurion recently, most devices are extremely insecure and may even be cracked in less than 30 minutes.
Image: Symantec
The report’s researcher Yossi Oren said: “It is truly frightening how easily a criminal, voyeur or pedophile can take over these devices. Using these devices in our lab, we were able to play loud music through a baby monitor, turn off a thermostat and turn on a camera remotely, much to the concern of our researchers who themselves use these products.” The team tested 16 common smart home appliances, including Baby monitors, home security cameras, doorbells, thermostats, and more. They found that hackers have a lot of ways to invade these devices, and even can easily obtain the password to restore the factory settings.
Omer Shwartz, another researcher involved in the project, said: “It only took 30 minutes to find passwords for most of the devices and some of them were found only through a Google search of the brand. Once hackers can access an IoT device, like a camera, they can create an entire network of these camera models controlled remotely.”
“BGU researchers offer a number of tips to keep IoT devices, families and businesses more secure:
1. Buy IoT devices only from reputable manufacturers and vendors.
2. Avoid used IoT devices. They could already have malware installed.
3. Research each device online to determine if it has a default password and if so change before installing.
4. Use strong passwords with a minimum of 16 letters. These are hard to crack.
5. Multiple devices shouldn’t share the same passwords.
6. Update software regularly which you will only get from reputable manufacturers.
7. Carefully consider the benefits and risks of connecting a device to the internet.”
Source: ScienceDaily
