In today’s technology culture, there’s an app for everything. The Apple iPhone comes with a whole host of apps upon immediate purchase, including iTunes, the iTunes Store, a text messaging app, a camera, alarm, stopwatch, calendar, Face Time, Google Maps, a weather app, and even a Health app that can monitor daily steps, flights climbed, and distance.
Hackable by design
It won’t surprise anyone that we can now control inanimate objects from an app on our smartphones. In fact, there’s a term for it! The Internet of Things is the network of objects that can be controlled remotely, since they are embedded with electronics, sensors, internet capabilities, and more.
What will surprise people is just how vulnerable these items are to hackers. Research by HP Fortify found that objects controlled electronically have at least twenty-five qualities that make them susceptible to exploitation, per device!
Among the long list of vulnerable items are refrigerators, baby monitors, smart locks, and home alarms. They make easy targets for hackers to steal Wi-Fi access, personal information, and control of your device.
Your WiFi password is showing
Even when we just want to stay in and enjoy a nice cup of tea, our information is at risk. In London, a security agent proved that kettles are just one more place for hackers to get information. He mapped out a set of kettles across the city by looking for pots controlled by the iKettle app, then hacked each insecure system for WiFi passwords.
The iKettle app allows users to start boiling water for their kettle just by touching a button on their smart phone. But the convenience gained by boiling water remotely might be outweighed by the vulnerable position of users. Pen Test Partners’ Ken Munro explains, “So I can sit outside of your place with a directional antenna, point it at your house, knock your kettle of access point, it connects to me, I send two commands and it discloses your wireless key in plain text.” Yikes!
Internet of Things: less than 2 hours to crack
When iKettle is configured with the Android app, users are particularly susceptible because passwords remain at the default setting. iOS app users are a bit safer—but it will still only take an hour or two to crack the six digit password.