Off-the-shelf smart devices found easy to hack

March 13, 2018

BEER-SHEVA, Israel...March 13, 2018 - Off-the-shelf devices that include baby monitors, home security cameras, doorbells, and thermostats were easily co-opted by cyber researchers at Ben-Gurion University of the Negev (BGU). As part of their ongoing research into detecting vulnerabilities of devices and networks expanding in the smart home and Internet of Things (IoT), the researchers disassembled and reverse engineered many common devices and quickly uncovered serious security issues.

"It is truly frightening how easily a criminal, voyeur or pedophile can take over these devices," says Dr. Yossi Oren, a senior lecturer in BGU's Department of Software and Information Systems Engineering and head of the Implementation Security and Side-Channel Attacks Lab at Cyber@BGU. "Using these devices in our lab, we were able to play loud music through a baby monitor, turn off a thermostat and turn on a camera remotely, much to the concern of our researchers who themselves use these products."

"It only took 30 minutes to find passwords for most of the devices and some of them were found only through a Google search of the brand," says Omer Shwartz, a Ph.D. student and member of Dr. Oren's lab. "Once hackers can access an IoT device, like a camera, they can create an entire network of these camera models controlled remotely."

The BGU researchers discovered several ways hackers can take advantage of poorly secured devices. They discovered that similar products under different brands share the same common default passwords. Consumers and businesses rarely change device passwords when purchased so they could be operating infected with malicious code for years.

They were also able to logon to entire Wi-Fi networks simply be retrieving the password stored in a device to gain network access.

Dr. Oren urges manufacturers to stop using easy, hard-coded passwords, to disable remote access capabilities, and to make it harder to get information from shared ports, like an audio jack which was proven vulnerable in other studies by Cyber@BGU researchers. "It seems getting IoT products to market at an attractive price is often more important than securing them properly," he says.

Tips for IoT Product Security

With the goal of making consumers smarter about smart home device protection, BGU researchers offer a number of tips to keep IoT devices, families and businesses more secure: "The increase in IoT technology popularity holds many benefits, but this surge of new, innovative and cheap devices reveals complex security and privacy challenges," says Yael Mathov, who also participated in the research. "We hope our findings will hold manufacturers more accountable and help alert both manufacturers and consumers to the dangers inherent in the widespread use of unsecured IoT devices."
-end-
Click here to access the paper.

The BGU research collaboration also includes Michael Bohadana, a researcher at Deutsche Telekom Innovation Labs@BGU and Prof. Yuval Elovici, director of Cyber@BGU, director of Deutsche Telekom Innovation Labs@BGU and a member of the BGU Department of Software and Information Systems Engineering.

American Associates, Ben-Gurion University of the Negev

American Associates, Ben-Gurion University of the Negev (AABGU) plays a vital role in sustaining David Ben-Gurion's vision: creating a world-class institution of education and research in the Israeli desert, nurturing the Negev community and sharing the University's expertise locally and around the globe. As Ben-Gurion University of the Negev (BGU) looks ahead to turning 50 in 2020, AABGU imagines a future that goes beyond the walls of academia. It is a future where BGU invents a new world and inspires a vision for a stronger Israel and its next generation of leaders. Together with supporters, AABGU will help the University foster excellence in teaching, research and outreach to the communities of the Negev for the next 50 years and beyond. Visit vision.aabgu.org to learn more.

AABGU, headquartered in Manhattan, has nine regional offices throughout the United States. For more information visit https://aabgu.org/.

American Associates, Ben-Gurion University of the Negev

Related Consumers Articles from Brightsurf:

When consumers trust AI recommendations--or resist them
The key factor in deciding how to incorporate AI recommenders is whether consumers are focused on the functional and practical aspects of a product (its utilitarian value) or on the experiential and sensory aspects of a product (its hedonic value).

Do consumers enjoy events more when commenting on them?
Generating content increases people's enjoyment of positive experiences.

Why consumers think pretty food is healthier
People tend to think that pretty-looking food is healthier (e.g., more nutrients, less fat) and more natural (e.g., purer, less processed) than ugly-looking versions of the same food.

How consumers responded to COVID-19
The coronavirus pandemic has been a catalyst for laying out the different threats that consumers face, and that consumers must prepare themselves for a constantly shifting landscape moving forward.

Is less more? How consumers view sustainability claims
Communicating a product's reduced negative attribute might have unintended consequences if consumers approach it with the wrong mindset.

In the sharing economy, consumers see themselves as helpers
Whether you use a taxi or a rideshare app like Uber, you're still going to get a driver who will take you to your destination.

Helping consumers in a crisis
A new study shows that the central bank tool known as quantitative easing helped consumers substantially during the last big economic downturn -- a finding with clear relevance for today's pandemic-hit economy.

'Locally grown' broccoli looks, tastes better to consumers
In tests, consumers in upstate New York were willing to pay more for broccoli grown in New York when they knew where it came from, Cornell University researchers found.

Should patients be considered consumers?
No, and doing so can undermine efforts to promote patient-centered health care, write three Hastings Center scholars in the March issue of Health Affairs.

Consumers choose smartphones mostly because of their appearance
The more attractive the image and design of the telephone, the stronger the emotional relationship that consumers are going to have with the product, which is a clear influence on their purchasing decision.

Read More: Consumers News and Consumers Current Events
Brightsurf.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.