Author: Alexander George / Source: Popular Mechanics
There are criminals out there looking to exploit smart thermostats and Wi-Fi cameras. Hackers can remotely disable a thermostat and demand a ransom to return it to working order, or gather sensitive information about its owner. It’s the risk of anything wireless and convenient. Cybersecurity researchers fight back by dissecting smart hardware and finding weaknesses for manufacturers to fix before the bad guys get wise. We asked a few of these researchers to assess whether some common smart appliances left their figurative doors unlocked.
Ryan Speers and Gene Chorba work at Ionic Security in Atlanta. The company specializes in encryption, intelligently scrambling data so that only the intended recipient can see the information. Its clients include the Department of Homeland Security, making Speers and Chorba overqualified but enthusiastic about assessing a Wi-Fi sous vide, a slow-cooking heating element. Within six hours of testing, they got in. “We saw unencrypted and unauthenticated data coming from the device,” Speers says. “That meant we could ‘sniff,’ or monitor its communication with the user.” With the right tools, they could potentially alter those commands, like a hacker bent on maliciously overcooking your steak. Getting that far would typically require the attacker to be physically within range of the Wi-Fi network running the device. The attacker could, however, trick…
Click here to read more