All Sections

BBC hacks smart home devices but doesn’t name failing brands

The BBC has highlighted more insecure smart home tech but refused to name the brands leaving a back door into your life.

The BBC’s report says the connected home, particularly those with webcams and video baby monitors, is a security disaster waiting to happen because many of these ‘always-on’ items are too easily hacked.

Although the Internet of Things (IoT) seems like a great idea in principle, device manufacturers need to take note and add in security protocols to ensure your home can’t be virtually broken into, the report explained.

Your home webcam can allow hackers into your home
Webcams are meant to improve your home security, not decrease it

Liam Hagan, a researcher from security firm Nettitude, said: “One of the big issues is that one wi-fi video camera makes itself available to the internet regardless of your firewall. Anyone who knows your IP address would be greeted with the login screen for the camera.”

This means they can go on to look around your home, potentially meaning they could case the joint before launching a real-life break-in scenario.

The BBC didn’t mention which particular products could be so readily hacked, but we hope they have notified the manufacturers of the report’s findings.

Microphones and cameras within smart TVs were also highlighted as opportunities for malicious spying: security experts were able to break into the network and use them as bugs, essentially monitoring everything you say.

James Lyne, head of security research at Sophos, said: “There’s a continuum between security and usability and it’s true that the more you secure something there is a cost in how usable it is. At the moment, however, we are a long way off the wrong end of that scale.”

Earlier this month, an HP report claimed 70 per cent of Internet of Things devices have security flaws, the Defcon 22 hacker conference this month saw several home routers broken within hours, and gateways for malicious netizens have been exposed in numerous smart TVs and other devices.

Common problems include failing to force users to change passwords when they install the device, or failing to ship each device with a unique user ID and password pre-installed, while component manufacturers often supply insecure firmware which manufacturers can’t fix.

Comments