Currently there are 3+ billion connected devices, used by customers, most of them are hackable devices and the number surely will increase to 4 billion by the end of next year.
Due to the next holiday season, when 65% of Americans will buy consumer electronic gifts, according to a report by Consumer Electronics Association. Many of these gifts (hackable devices) will be smart TVs, notebooks and laptops, smartphones, tablets, and also video game consoles. Let’s not forget about smart watches, drones,wearable fitness trackers and smart home devices.
Sadly to say, these devices are vulnerable to hackers. Below you will find a list of hackable devices, scroll down below to check them all out.
The Most Hackable Devices
Tablets are like smartphones, but with a much bigger screen. They have an operating system like Android and Apps installed on it. The security mostly depends on its own operating system. As per a statistic, 97% of all malware attacks are aimed towards Android devices, according to a mobile thread report by Pulse Secure.
The iOS system offers more advantages which tightens the security, compared to Android, Apple has the ability to push security-related upgrades to it’s users much quicker than the “green” side. Let’s not forget about the tight control of applications which are allowed in the app store. Regarding Android security updates, they typically have to go through manufacturers, which may delay the update for some time.
As per what Bruce Snell, director of security and privacy at Intel Security, said:
“Tablets are used much in the way laptops are used and often contain work related documentation with sensitive information. But unlike laptops, tablets aren’t treated with the same level of security, especially in a BYOD environment.”
As the years will go by, this type of devices, will become even more popular. Drones are increasingly becoming targets for hackers, said Intel Security’s Snell. The hackers can easily use vulnerabilities to steal the drone itself and it’s cargo.
“The ability to remotely hack a drone connected to Wi-Fi is real”
A few years ago, a security researcher from Planet Zuda firm, demonstrated at the Def Con security conference how to hijack a Parrot drone; Parrot being a popular drone brand.
About 68% of U.S. adult now have a smartphone, according to a Pew Research Center report. And more than half of smartphone owners are using mobile banking / internet banking on their phone, and you won’t believe how many people log into Facebook each month, with their devices, about 1.6 billion.
Snell said the following:
With the new models of smartphones and tablets being produced multiple times throughout the year, these devices make ideal gifts for friends and family who want the latest phone to support their on-the-go lifestyle.
What most people don’t realize, is the huge potential this type of devices can be to criminals and cyber criminals.
Think about it for a second: basically you PC / laptop is in your hands; you can access social media accounts, your online bank, e-commerce stores and purchase what ever you want. If one person or hacker compromises your device; I truly believe it will be up to him/her/the hacker what will do with the information he/she gained from you.
Your credentials can be exposed to hackers, who are very able to remotely break into your smartphone. What about videos, personal photos, emails, personal and work contacts, login credentials to office or home networks, and also saved location data.
Hackers can also activate the microphone from your smartphone remotely and listen in or track the device’s location.
A major factor which is affecting smartphones is the OS (Operating System). According to a recent report by B2B International and Kaspersky Lab:
- 30% of Android phone owners don’t protect their phones with passwords.
- 44% of Android phone owners don’t have anti-virus or anti-malware solution installed.
Bluetooth-enabled accessories and smartphones can also be hacked, and are vulnerable to attacks. Most of the devices still have the default password for Bluetooth, 1234 or 0000, allowing cyber-criminals to gain access to the device.
One of the biggest issues with Bluetooth connectivity, is that it’s authenticated once. Let me explain this to you, my fellow reader: after the pairing is done, the device is automatically considered trusted – this leaves the door open for MITM attacks against the connected accessory or the host device. Note: MITM means Man In The Middle.
4. Children’s gadgets
Devices that children connect to the Internet can also allow cyber criminals to target the family or the child. Most of the children use their parents devices and email address to access applications which control their gadgets.
If the child’s device is compromised and infected, this will give the hacker the opportunity to have direct access to the parents data, resulting in spearphishing and malware being installed.
One much toy is BB-8 Droid by Sphero, which is controlled by an smartphone app.
Chris Rouland, founder and CTO at IoT security firm Bastille Networks said:
“The weak link isn’t just in the communication protocol between the phone and BB-8, there’s also a risk of modification to the toy’s firmware as well.”
Another hackable toy is Hello Barbie doll from Mattel.
5. Camera-enabled devices
Any connected devices which a camera is potentially vulnerable. There been a number of reports about hacker nanny-cams, baby monitors and similar devices. There are a number of websites which are cataloging the unprotected cameras.
A few years ago, the security firm Rapid7 did a review of popular baby monitors from 6 manufacturers. They found that all of the devices where vulnerable due to lack of encryption for stored data or communication, and they warned this will only be the tip of the iceberg.
Attackers have a variety of possibilities to invade personal privacy, use the devices to gain access to the local network, steal recorded videos and even track when people are home.
After the report / review by Rapid7, each manufacturer rushed to fix the problems.
HP tested top 10 smartphones and found security problems with all of them. Most of them, didn’t have a lock mechanism or pass-code – so anyone who found / picked up the watch could get into it.
Many had the following issues:
- security upgrades
Same with the apps – risking to leak personal privacy of the user. If hackers gained access to the smartwatch, they could have “climbed higher” and accessed the network or the mobile device.
7. Fitness Trackers
According to Intel Security’s Snell, a cyber criminal who accessed a fitness tracker device or even it’s website can access private information. More than that, hackers can gain access to the laptop / PC, smartphone, tablet or home network which the tracker connects to.
Basically it’s a gateway device, same as the smartwatch.
Fortinet, a security searcher firm, did a research about Fitbit fitness trackers, and found out that they could be attacked via Bluetooth connections.