4747797903-85eaf3abfa
Security

Dan Swinhoe (Global) - Hijacking Your Toaster: Hacking Embedded Systems

Remember when people thought that Macs couldn't get device? Or computer bugs were actually flies stuck in the computer? And remember when hacking and viruses weren't a constant and expensive threat that could almost kill you?

A few weeks ago my flatmate brought home a copy of Cabaret on DVD - someone had a left a box of DVD with a ‘help yourself' sign. Aside from his over-eagerness for musicals, I did think about security. Could someone intentionally infect a DVD with a virus, for some poor sap to infect his laptop or DVD player, with? After a few searches the answer generally pointed to yes, but also showed it's not worth the effort to infect DVD players - there are no details, internet connection or reward. But it got me thinking, what about Smart TVs?

And that's where things get interesting. With so many devices with embedded applications (around 10 billion according to Stuart McClure- former CTO of McAfee), many of which are internet-enabled, you'd think security would be high on the priorities list.

But you'd be wrong. Though some may have very basic encryption, it's nothing even a slightly determined hacker couldn't bypass. Internet guru Vint Cerf recently lamented this newfound connectivity, saying he was "frankly astonished" at the range of devices that now come with an internet connection. While it's true hacking an internet enabled fridge won't end the world (unless you really, really wanted that leftover pizza for breakfast), If a hacker could get control of the nation's aircon units, and cycle between shutting them down and whacking them up to full, you might be able to crash the US power grid.

While Cerf spoke about possibilities, embedded systems have already been hacked- repeatedly. Researchers found several vulnerabilities in Smart TVs, Printers, Cars, Xboxes, and even a pacemaker. Luckily most of these have been by researchers proving a point, but in 2008 a Polish teenager hacked in a tram network and injured twelve people.

It's not just Smart TVs and tram systems that are at risk. Recently an anonymous researcher found millions of insecure objects after scanning the web - printers, webcams and set-top boxes protected only by default passwords. Spending all the money in the world on anti-virus and security software gets you nowhere if hackers can abuse your internet-enabled toaster.

Seemingly for every ‘smart' device that comes out, a hack to show how insecure it is usually follows suite. In the last twelve months Smarthome meters have been hacked to fool power companies, but there's no reason it can't be turned around, and wireless NFC payments can be used to nick your banking details. When there's so much in the press recently basically saying people are struggling enough with securing their smartphones, it reduced the level of trust in every other embedded system to almost zero.

I've personally never understood the need for everything to be internet-connected, Wi-Fi enabled and able to connect to my smartphone. And after researching for this blog, I'm even more sceptical.

By Dan Swinhoe, Editorial Assistant, IDG Connect

Are internet-enabled devices safe? Do you trust them? Comment below.

PREVIOUS ARTICLE

« Martin Veitch (Global) - The Travesty of 'Track Changes'

NEXT ARTICLE

Darren Grasby (Europe) - Europe Can Benefit Working as One to Capture Cloud Computing's Big Opportunity »
author_image
Dan Swinhoe

Dan is a journalist at CSO Online. Previously he was Senior Staff Writer at IDG Connect.

  • twt
  • twt
  • twt
  • Mail

Recommended for You

Trump hits partial pause on Huawei ban, but 5G concerns persist

Phil Muncaster reports on China and beyond

FinancialForce profits from PSA investment

Martin Veitch's inside track on today’s tech trends

Future-proofing the Middle East

Keri Allan looks at the latest trends and technologies

Poll

Do you think your smartphone is making you a workaholic?