Your browser is obsolete!

The page may not load correctly.

Look out for your things!

Следите за вещами!

Other issues in this category (9)
  • add to favourites
    Add to Bookmarks

Of kettles and men

Read: 391 Comments: 11 Rating: 16

"And the three educational games—Guess the Colour, Train Attention and Train Memory—will keep your children busy!" Try to guess what device we are talking about. The answer is a kettle or, to be more precise, a smart kettle. "Set how often the colour changes and play funky music (or a soft tune), and the kettle will create an atmosphere that matches the mood of your family members".

But why is the Anti-virus Times talking about a kettle? Well, the answer is simple: the device uses Bluetooth and Wi-Fi connectivity, and, therefore, it can become a target for hacker attacks. To seize control over the device, Intruders may take advantage of vulnerability exploits or simply crack the password. The latter is more likely since default passwords are absent altogether or printed in user guides. And, of course, that password needs to be changed as soon as possible. But who actually bothers to do that? Furthermore, how many ordinary users can upgrade a kettle’s firmware to patch vulnerabilities? We think you know the answer.

Hackers now use smart kettles to mine cryptocurrencies and mount DDoS attacks. More often than not, kettle owners neglect to set a password—the most critical vulnerability of all.

Source

The publication also indicates that as many as 25% of gadget owners do not realise that devices featuring network connectivity require protection. We believe that this is a very conservative estimate.

"If you never change your kettle’s settings, hackers will have an easy time discovering the location of your household and gaining control over the device", Ken Munro says. "Attackers will need to set up a malicious network with the same SSID but a signal stronger than the one the iKettle usually connects to and then send the kettle a disassociation packet that will cause it to drop its wireless link".

. "Attackers will need to set up a malicious network with the same SSID but a signal stronger than the one the iKettle usually connects to and then send the kettle a disassociation packet that will cause it to drop its wireless link".

Source

And don't assume that a hacker will just want to make some tea!

Then I just need to feed two commands to the kettle, and I will have your Wi-Fi access password in plain text.

Source

And what if the same thing happens to a smart door lock rather than to an ikettle?

Research conducted by Hewlett-Packard shows that 70% of devices accessing the internet are easy to hack into. As many as 60% of them had unpatched vulnerabilities in their web interface.

Source

#bank_card #data_loss_prevention #crime #fraud #SMS

Dr.Web recommends

  1. Change the default password on every device you buy before you start using it—common passwords can easily be cracked.
  2. Make sure that your device uses a secure communication channel (HTTPS).
  3. Install updates.
  4. Once you have finished setting up your device, log off from the configuration interface. Don't just close the browser—sign out.

Rate this issue and receive Dr.Weblings! (1 vote = 1 Dr.Webling)

Sign in and get 10 Dr.Weblings for sharing the link to this issue via social media.

[Twitter]

Unfortunately, due to Facebook's technical limitations, Dr.Weblings cannot be awarded. However, you can share this link with your friends for free.

Tell us what you think

Leave your comment on the day of publication and get 10 Dr.Weblings, or get 1 Dr.Webling for a comment posted any other day. Comments are published automatically and are reviewed by a moderator. Rules for leaving comments about Doctor Web news items.

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.

Comments