In the spirit of the season, we decided to look at the rise of technology among the many items that will be given as Christmas gifts this year. Some are completely new and innovative products, others are products we have known our entire lives that have had a technological makeover. But they have one thing in common: they can connect to the internet.
The “Internet of Things”, as it’s called, appears to be expanding by the minute, and is therefore no surprise that many of this year’s most wanted Christmas presents are also among the most hackable. Smartphones, laptops, tablets and eBooks are quite obviously connected to the internet. Other products’ internet connection, however, can often be overlooked, leaving personal details vulnerable. These days’, TVs, cars, home appliances and even some toys have the ability to connect to the internet. But there’s no reason to be alarmed, just to be aware and take the necessary precautions to make your devices and personal data secure.
This is our pick of 2015’s most hackable Christmas gifts.
1. Fitness trackers and smartwatches
Wearable devices are proving to be popular, up from 26.4 million in 2014 to 72.1 million in 2015. The most common wearable devices come in the form of fitness trackers and smartwatches.
Fitness trackers have the ability to track the number of steps taken, heart rate, calories burned, sleep activity, and some even include a GPS for accurate distance and pace reporting. While it could be said that more people use them as fashion accessories than for their intended function, fitness trackers can provide a wealth of information for cyber criminals. Giving personal information away could be as simple as turning on your fitness tracker in the same location every day, letting hackers know where you live. How easily that information is accessed comes down to the security of your fitness tracker. The higher quality trackers, such as Fitbit, Pebble and Garmin, have high standards of security built into the device. Whereas the lesser known, lower quality trackers are more likely to sacrifice security for price.
Smartwatches make up a huge portion in the rise of wearable technology. The Apple Watch, which was launched in April of this year, is the most purchased smartwatch thus far, selling 6 million in its first 6 months and predicted to sell another 6 million by the end of Quarter 4 2015. These small wearable devices open up another door for hackers which previously did not exist. The current top 10 consumer smartwatches were tested for security components and vulnerabilities in a recent study by computer manufacturer Hewlett-Packard. The test included basic data encryption, password protection and privacy concerns. There wasn’t one smartwatch found to be 100 percent protected from hacking.
2. Drones and kids toys
With all the excitement of a new flying gadget or an awesome toy, cyber security often gets forgotten, leaving toys and drones as probably the most unsuspecting Christmas gifts to being hacked.
Drones are among the top trending gifts searched on Google this year. Now that they’re available for less than $100, not only will they be on the minds of the aviation control, but hackers as well. The unmanned, radio-controlled aircraft are most vulnerable when connecting to an open and unsecured WiFi network or when their factory default password is not changed, acting as a backdoor to your other devices such as a PC or smartphone.
Kids toys take it to a creepier level. While it is also the case that kids toys are vulnerable to unsecured WiFi networks and factory default passwords, it is also possible that they are spying on your children. The new Hello Barbie, which was released earlier this year, talks back whenever you talk to her. Pressing a button propels Barbie to ask a question, and then an embedded microphone records the child’s response and transfers it to cloud servers. The content is saved and decoded using voice-recognition software by San Francisco-based startup ToyTalk. The content is used to devise the most relevant reply from Barbie, creating conversation between the toy and the child. The fine print indicates that ToyTalk may also share the content with third parties, as well as you as the parent. Barbie is starting sound more like Big Brother than an innocent play toy.
3. TVs and home appliances
The internet has infiltrated almost every item of the home, including TVs, fridges, ovens, washing machines, thermostats, lighting, security alarms, security cameras, baby monitors, and air conditioning, just to name a few.
If you should be as so lucky as to receive an oven or some other exciting home appliance for Christmas this year, you may want to install it with caution. It sounds like an old horror movie, but your home appliances and white goods could take on a mind of their own. Under the instructions of a hacker, that is. Whether you’re at home, or miles away, you can control the temperature of your smart oven via an app on your smartphone or tablet. They even come with a self cleaning feature, which you can also monitor via the app. But what if someone else gained control of your oven, perhaps in the middle of the night? The possibilities start to become quite dangerous.
The most dangerous on our most hackable Christmas gift list is a car. In today’s car market, most new models have some type of wireless connection. It enables GPS, Bluetooth, or streamed movies to keep the children entertained. What people may not realise is that many newer cars use computerised parts that run on the same network. As with most of the items on this list, they weren’t designed with security in mind.
Two hackers, Charlie Miller and Chris Valasek, exposed the true vulnerability of a Jeep Cherokee earlier this year by gaining complete access to the car’s driving capabilities from a laptop 16km away. They were able to control everything from the air-conditioning and music volume, to the breaks and accelerator, even with someone behind the wheel. Although they had only attempted the hack on Jeep Cherokee, a forensic engineering consulting firm, PT&CLWG, have put together a list of the top hackable cars.
Thankfully, the hackers who have identified these security defects aren’t criminals and are sharing their insights so that the auto industry can make the necessary changes.
5. Smartphones and tablets
According to a report released by Ericsson, there are currently 2.6 billion smartphone subscriptions worldwide. A report from eMarketer estimated the use of tablets would climb to 1 billion this year. It’s a fairly safe bet that there will be some given out this Christmas. But with quantity comes vulnerability. This is because the amount of data that could potentially be accessed makes the hacker’s effort worthwhile.
People tend to rely on smartphones to help run their lives, storing all their personal information on them because they are so convenient. A smartphone can have just as much or possibly more personal information on it than a PC or laptop and yet their seems to be a general lax approach to protecting them and making them secure. Hackers can gain access through a number of avenues, whether it be through an app, a text message or what is known as a “man in the middle attack” where the phone is infiltrated via a server connected to a software installed on the phone.
It is a similar situation for tablets. Although they are less likely to have as much personal details stored on them as they’re mostly used for entertainment purposes, such as streaming videos, playing games or reading books, tablets still hold a vulnerability. This is again mostly due to the general carefree approach to their security.
These useful tips from Samsung are sure to increase the security of your smartphone and can also be applied to your tablet. The difference between taking the available actions to protect your devices can reduce your risk significantly.
Tips for staying secure this Christmas
- Keep the software and operating systems updated at all times, even if the item is brand new, because the company is always working to fix vulnerabilities. This goes for all internet connected devices.
- Change the default password immediately, and use numbers and upper and lower case letters in your passwords, making them harder to guess.
- Invest in security software for your “core” devices
- Use caution when connecting to unsecured WiFi hotspots
Have a very merry Christmas and happy new year from everyone at Ebix Australia.