It’s gift giving time, and while it’s tempting to get that special someone a great new high-tech gift, there are some risks that go along with any connected product. As people connect more devices to their home networks, the need to take precautions becomes greater.
Every year for the past three years, security company McAfee has released a list of the most hackable holiday gifts.
According to McAfee’s annual Most Hackable Holiday Gifts list, laptops, tablets, and smartphones are the tech devices that can most easily be penetrated by hackers.
While those are the most obvious choices, the next ones in line might not be. They include drones, digital assistants, connected toys, and connected appliances.
For many toy manufacturers, says McAfee, security can be an afterthought. That means toys that have features like built-in microphones and location-based services can be vulnerable to attack.
Even if you ensure that your laptop is well protected against malware attacks and viruses, or secure devices on your home network, your fancy new Internet refrigerator, or that app-connected toy someone bought your kid and you connected to the network without thinking twice, could serve as a back door “pawn” into your private information.
With drones, McAfee points to common issues, like drone jacking and fake Wi-Fi signals from rogue drones. And with digital assistants like the Amazon Echo and Google Home, be mindful that with the ability to have an always-on microphone comes potential privacy implications. You can turn the mic off with a device like the Echo. But that defeats the purpose of the product in the first place. So consider if it’s right for you, and if you can live with the intrusion of privacy in favour of convenience.
How to Prevent Yourself Against Attacks
This isn’t meant to deter you from buying into the latest and greatest tech. Some tech toys are great introductions to STEM (Science, Technology, Engineering, Math) for kids. And you shouldn’t have to shy away from being able to enjoy the conveniences of a smart home because of worry about hackers. But you do need to be aware of the risks, and take steps to combat them.
Indeed, most people are aware of this need when it comes to the top-hacked devices, like laptops, tablets, and smartphones – 69% of those surveyed by McAfee agree that security is necessary for such devices. But only 22% recognize the importance of security for connected toys, 29% for drones, and 56% for digital assistants.
So what can you do?
Be aware. The first step is simply to be aware that these devices can be exploited by cybercriminals. “…It’s clear consumers don’t always understand the importance of protecting devices at every point of connection and within products themselves,” says Gary Davis, Chief Consumer Security Evangelist at McAfee. “In many cases, consumers are simply unaware that their devices need to be protected or how to protect them. This lack of awareness and action can be exploited by cybercriminals to break into devices and steal personal information.”
Don’t assume. The McAfee survey found that 16% of consumers believe manufacturers build security into the products, and thus they don’t need to worry about it. While this can indeed be the case to a certain degree, it is also important for you to make sure the device is connected to a network that is fully secure. As insignificant as a little app-connected toy might seem, that device could give criminals access to your network, and in turn things like a credit card number used to pay for games, for example. And sometimes, all a criminal needs is a simple name and address to start stealing your identity. A good first step: change whatever the default password is on the toy, or other item, to something unique and not easily guessed.
Do your research. Twenty-two per cent of McAfee’s survey respondents say they know they need to take security precautions, but don’t know how. Research before you connect, and ask the retailer before you buy a product how to safely connect it to your network, or to advise you of what security precautions are in place with each brand so that you can choose accordingly. Also do your own homework to see if there have been any reported security vulnerabilities related to a product, or the manufacturer of the product, you’re thinking of adding to your connected device list before you fork over the money for it.
Don’t connect to open public Wi-Fi networks. While it can be tempting to click “connect” on that seemingly open and free Wi-Fi network, don’t do it. If you have to connect while out and about, stick with Wi-Fi networks from reputable establishments, like a coffee shop, that are password-protected. Always ask staff for the network name and password so you aren’t unknowingly connecting to a spoof network with the same name. McAfee notes that cybercriminals often deploy fake Wi-Fi hotspots that appear to be legitimate, but, when used, will give them visibility into your browsing habits. If you absolutely must connect your computer or smartphone to an open Wi-Fi network, make sure you don’t access anything like your bank accounts or other private information, don’t shop online while doing so, and log off immediately once you’re done.