Cybercriminals ‘easily hack gadgets like speakers and doorbell cams’ | UK | News | #government | #hacking | #cyberattack

The weaknesses in security could easily be exploited by domestic abusers as well as thieves and snoopers, it claimed.

Research by Which? highlights poor protection on devices that are likely to be no longer supported by tech firms, including Amazon and Google, leaving them vulnerable to data theft and spying.

Ethical hackers, invited by consumer champion Which? to test eight products, comfortably got access.

In most of the cases, the items no longer received vital software security updates.

Some of the products had been abandoned by the manufacturer within only five years of their launch, it found. 

Which? wants the Government to set minimum periods of time that smart products must receive security back-up.

The products tested were a first-generation Amazon Echo smart speaker, a Samsung Galaxy S8 Android smartphone, a Virgin Media Super Hub 2, a Summer Infant Liv Cam baby monitor, a Google Nest Hello video doorbell, a Philips TV, an HP Deskjet printer and a Wemo smart plug.

Which? found 37 vulnerabilities across the devices, including 12 rated as high risk and one rated as critical.

The majority of the vulnerabilities were in the public domain, so if ethical hackers can find them so can malicious attackers.

The watchdog’s Rocio Concha said: “Our investigation highlights real-life dangers posed by smart products no longer adequately protected.

“It is chilling to think they could also be exploited by domestic abusers.”

HP said: “We recommend customers set strong, unique passwords and use auto firmware updates to best secure their devices.”

Virgin said customers still using the Super Hub 2 should request an upgrade.

Which? shared its findings with Amazon, Google, Philips and Wemo but none had supplied a comment.

The watchdog did not contact Samsung and Summer Infant as their devices were out of the official support window.

Original Source link

Leave a Reply

Your email address will not be published.

− six = 1