With a plethora of home automation IoT devices out there in the market, from reputed brands and newcomers, the choices are abundant, but when it comes to security features that these devices come equipped with, there is still a big room for doubts, with a majority of these devices being highly susceptible to hacking. As more and more new kinds of smart devices with smart sensors frequent the IoT market space, new fundamental security vulnerabilities keep surfacing up in these smart connected hardware devices from security cameras, video doorbells, baby monitors, voice assistants, thermostats and other off-the-shelf products.
This privacy and personal safety conundrum was the much-highlighted topic at the RSA USA 2019 conference in San Francisco. Tom’s Guide, an online publication portal, recently unveiled several cybersecurity presentations at the RSA conference, where it was “demonstrated how to hack home smart alarms, smart teakettles, networked storage drives, children’s dolls, kids’ GPS tracking watches, vehicle roadside-assistance services, and smart-home automation systems.”
Speaking on the dangerously sloppy IoT security, Ken Munro, founder of Pen Test Partners, a British firm that analyzes IoT security, said: “If we don’t address this now, systemic flaws will accelerate further. I had thought things would get better on their own, but they’re getting worse.”
At the RSA 2019, Munro demonstrated how a smart teakettle, which allows a user to boil water from a smartphone, could be wirelessly accessed, taking complete control of the device from any laptop, without a password, all for saving 30 seconds of your day, at a price of $100, Munro added. Furthermore, the shocking revelation was the owner’s home Wi-Fi password, which the teakettle lamented clearly in plaintext.
“I can drive past your house and grab this [password],” Munro added.