Site icon Panda Security Mediacenter

Smart bulbs, baby monitors and even toilets… Cyber-criminals have the smarthome under siege

Anything that connects to the Internet is susceptible to cyber-attacks, and that means absolutely anything, including ‘smarthomes’.  Some lovers of this latest futuristic trend may not have stopped to think about how they are opening a door to cyber-criminals who try to manipulate every electronic device that connects to the Web, from baby monitors to thermostats, or even a simple light bulb.

Many of these products are linked to smartphone apps or websites that enable users to remotely control their appliances, cameras or even door locks. And all this is potentially vulnerable.

Nest, the smart thermostat that could surprise you

Nest thermostats, a company owned by Google, let you regulate the temperature in your house from anywhere, via the Internet. Yet that’s not all, it can monitor the activity of the people living there, learning their daily schedules, their preferred room temperature and consequently heating or cooling the house accordingly

Yet there are downsides to this, and the system is also vulnerable to cyber-attacks. You can already find on the Internet a simple method to compromise these devices. This works as follows: an attacker uses ‘restore’ mode on the device to boot it with the Linux kernel and from there modify the thermostat’s file system.

Google has tried to resolve the problem by only making it possible to modify the device if you have physical access.

LIFX smart bulbs

If you’re one of those who can barely manage get up from the chair to turn off the light, no doubt you’ll be delighted with smart lightbulbs such as LIFX, which came on the market thanks to Kickstarter crowdfunding in 2012.

They work in such a way that only the master bulb is connected to the smartphone app. If the user sends a command, this is run on the master which in turn, sends signals to the other (slave) bulbs via WiFi. However, as with everything that’s connected to the Web, the system is vulnerable to attack

And just imagine if someone did hack your lightbulbs: they could spend the whole night switching your lights on and off just for laughs, though you won’t be laughing when the electricity bill arrives.


Your baby at risk

This must be one of the most extreme attacks against a smart home. It’s bad enough taking control of an electric door, a lamp or a thermostat, but hijacking the baby monitor is surely cruel. This device lets parents keep check on infants as they sleep, warning them when the child cries, falls out of bed or when anything else untoward happens. It’s a device designed to give parents peace of mind.


To prevent these devices from being attacked, it’s advisable to change WiFi and camera passwords and to accept all the updates that manufacturers make available via smartphones.

The toilet’s gone mad!

Anything can be attacked, even a toilet! Specifically, a smart toilet -called Inax Satis– that operates via Bluetooth. The problem is that there is no specific password for each toilet and therefore anyone using the Satis app can control any of the company’s toilets. Experts claim that an attacker could suddenly lift or lower the lid, turn on the bidet or hand-dryer just to annoy the user. It may not be dangerous, but it shows that, potentially, everything is hackable.

Hackable homes

It’s not even news that smart TVs can also be hacked. So what happens when a smart TV’s camera is activated without the user’s knowledge? A continuous live streaming video of everything that happens in your home, that’s what.

 

You thought you had everything under control, did you? Well, it’s not a question of rejecting all today’s innovation and going back to living in caves. You just need to take a little care, use your common sense and keep an eye on all the connected devices in your home. That way, you can avoid any nasty surprises.

 

Exit mobile version