AT THIS time last year, numerous pundits were calling 2014 the year of the Internet of Things. The prediction was everywhere. Of course there were some sceptics, but buzz around smart homes, the quantified self, and general interconnectivity felt ubiquitous.
That vision got seriously derailed. Turns out that 2014 was the year of the hack.
But it isn’t really a coincidence that where we want an Internet of Things, we get a year of hacks. The more devices and points of entry there are on a network, the more opportunities there are for an intruder to find a sneaky way in. But that doesn’t make these hacks any less clever … or problematic.
As you enjoy the warm glow of the holidays and make 2015 resolutions that involve fitness trackers and smart thermostats, here’s a list (as comprehensive as I could make it) of every appliance, personal gadget, and household item that’s ever been hacked.
Tea kettles and irons: Even these seemingly innocuous items could have spy chips in them.
Printers: There’s one in nearly every home and office, and they can be hacked to dofun things, and less fun things.
Medical devices: If Homeland has taught us anything it’s that pacemakers can be hacked. They actually can be, as can defibrillators, insulin pumps, and hospital equipment. Yikes.
Networked light bulbs:Philips Hues and other smart light bulbs have been compromised, partly because they are organised into ad hoc “mesh networks” where the transmitters and receivers in each bulb are fairly insecure and use Wi-Fi to share credentials and data. This is a problem with many Internet of Things devices.
Smart TVs: Hackers can steal account credentials, and take over built-in microphones and cameras to get eyes and ears on your life.
Baby monitors, nanny cams, security footage: A lot of these devices have easily guessable default passwords that allow hackers to easily access the livestreams and find out what’s going on in a home or business.
Webcams: These hacks have been going on for years. Basically just all cameras and/or microphones are at risk, especially because they capture such potentially valuable data. And it can be hard to tell whether they’ve been compromised. As Andrew Paterson, the senior technology officer at Britain’s Information Commissioner’s Office (ICO), told CNN in November, “If you can remotely access something, that means others can remotely access it as well and you need to lock it down — or you’re at risk.”
Nest thermostats: A hacker with physical access to a Nest can compromise it in 15 seconds.
Fitness trackers: FitBits have been hacked, but more generally Symantec released an in-depth study in July showing that most wearable fitness trackers are vulnerableto being attacked and exploited.
Toasters: Lots of kitchen appliances have been hacked to get onto home networks.
VOIP phones: Though they look like regular phones, VOIP phones are really computers in phone-like cases that can be exploited.
Refrigerators: Some reports say that networked refrigerators have been used in DDoS attacks, though others are sceptical.
USBs: Half of USB thumb drives have a fundamental vulnerability. That’s a lot of flash drives.
E-cigarettes: It’s not a data hack, but you can tamper with e-cigs and other vaporisers to make them, ahem, more effective.
Home alarm systems: Oh, the irony! But seriously this is bad.
Routers: People love hacking routers. During one contest this summer participants found 15 new vulnerabilities in five wireless models.
Toilets: Even smart toilets have been hacked.
Most of these hacks and vulnerabilities were discovered by cybersecurity researchers, and many of them have been patched. But they hint at the potential for malicious hackers to wreak havoc on the Internet of Things and beyond. The smarter cars are, the more hackable they become. Even Teslas. Oh, and also aeroplanes. AndATMs. And the grid.