Nowadays, even amateur hackers can steal critical personal data from homeowners using their discarded IoT gadgets.
FREMONT, CA: In the present day, IoT devices like surveillance cameras and smart lights are making a home more modern, convenient, and connected. But the tools also pose a lesser-known threat—making personal data more vulnerable to cyber hacks.
Besides, low-cost, IoT gadgets are the primary culprits. However, budget IoT devices are also starting to represent some of the most frequently sold household products on the market. Today, even amateur hackers can steal critical personal data from homeowners using their discarded IoT gadgets.
So, how hard is it for hackers to infiltrate the data? All it takes is to sift through the trash.
Do Not Put IoT Devices in the Trash
A team of technology hobbyists wanted to the level of security in an ordinary household smart bulb. Mainly, the group needed to find if the amateur team can hack the device once it had been unplugged and thrown away. So, the group thereby dismantled some smart light bulbs, even to the point of taking out the circuit boards. Additionally, the team also tampered with the dismantled piece of equipment to study what information can be easily accessed.
Of the tested bulbs, the examiners found completely unencrypted data that could even tell the WLAN password used by the previous user. Besides, a private key for RSA encryption was also revealed. The experiment conveys a potentially terrifying message about smart technology; if hackers find an old smart bulb in a trashcan, then they can access vital personal data.
The piece of information that smart home equipment has security problems is not the news. The problem has been known for years in the IoT business. So, the experiment confirms that an old issue continues to persevere in the latest and most commonly used connected technology. With data controversies already widespread in the news, IoT manufacturers should start paying close attention to the increasing problems of data insecurity.
The dangers to IoT devices and networks include:
• Weak easy-to-guess or hardcoded passwords.
• Unconfident ecosystem interfaces.
• Lack of privacy protection.
• Lack of tool management.
• Timid default settings.
• Lack of physical hardening.
• Use of outdated components.
• Untrusted network services.
• Lack of protected update mechanism.
• Unsafe data transfer and storage.