Don’t trust that lamp! How 12 common devices can now be hacked

The Internet of Things is making more and more items in our lives connected and smart, but also juicy targets for those with bad intents

internet of things rev
Credit: ITworld/Steve Traynor

Editor's Note: If you are unable to advance to the next slide, try disabling AdBlock. We apologize for the inconvenience.

The Internet of Things, that is to say all of those devices we use that are connected or "smart," continues to multiply like rabbits in spring. According to various sources, the number of wirelessly connected devices is estimated to reach more than 40 billion worldwide by 2020, including one billion smart electric meters, 150 million connected cars, and 100 million smart lights. From insulin pumps to thermostats to coffee makers, more and things we use in our daily lives that we don’t normally think of as computers, are, in fact, behaving like computers.

By now having brains and being connected, these devices make our lives easier by offering apps to control them and by tailoring their behavior to us. But this convenience comes at price; namely, that many of these devices that we now connect to our computers, home networks or the Internet are now susceptible to malware and hacking. Use the navigation buttons above to see how 12 devices many of us use in our daily lives have been shown to be hackable.

See also:

Natural defenses: 8 IT security tactics found in nature

Sher-locked: 12 famous passwords used through the ages 

Red hotspots: The 15 countries where public Wi-Fi is growing the fastest

Ringing a bell: 11 common phrases and terms that came from obsolete technology

 

A man using an electronic cigarette
Credit: REUTERS/Regis Duvignau
E-Cigarettes

While e-cigarettes may be safer for the health of smokers than regular smokes (though, even that is in question) there’s one thing that’s unquestionably in more danger from the switch: your computer. E-cigarettes need to be charged and often come with a USB cable for that purpose which can be plugged into the wall or your computer. Earlier this year, a former smoker turned “vaper” was the victim of malware installed in the USB charger of his e-cigarettes that originated in China. Before the source was determined, the malware spread from the victim’s work computer, proving that vaping could be very bad for your local network.

A printer display hacked to say Insert cheese in tray 1
Printers

Once upon a time, home printers were fairly dumb items that you plugged directly into your home PC. Nowadays, though, they’re separate - and smarter - devices connected to your home home network to enable wireless printing, copying and scanning. That means, of course, that they’ve also become easy targets for hackers. In 2011, researchers from Columbia University found that millions of printers were susceptible to attack through spoofed firmware upgrades. In that same year, a security researcher demonstrated how he could take control of printers to post copies of printed documents to the Internet or use them find and infect computers on the local network. This means that there are now other ways that printers can drive us nuts, beyond just displaying PC LOAD LETTER.

A Nest thermostat
Credit: REUTERS/George Frey
Thermostats

Smart thermostats, like Google’s Nest, help to make our homes more comfortable and energy efficient. These devices can do things like automatically raise the temperature when they detect your presence in the house. They can also connect to your WiFi network for the purpose of downloading software updates and handy 3rd party apps. That was all great, until security researchers figured out how to hack Nest earlier this year. Through a hardware backdoor, they were able to put the device into developer mode, which could let criminals gain access to your data or take over the device to spread malware and take control of other smart appliance around your house. Maybe it’s better if you stick with a dumb thermostat and just wear an extra layer when it gets cold.

A Medtronic Corp insulin pump
Credit: REUTERS/Brian Losness
Insulin pumps

For those afflicted with Type 1 Diabetes, a condition in which the pancreas no longer produces insulin to regulate glucose levels, insulin pumps are life-saving as well as life-altering devices. Insulin pumps are becoming increasingly smart and connected, which helps patients with T1D and their doctors to better manage the disease but also makes them susceptible to hacking. In 2011, a security researcher demonstrated that he could take control of several widely used insulin pumps manufactured by Medtronic via the pump's radio transmitter that enable it to talk to a USB device connected to a computer. The consequences of such hacks could be lethal, such as administering an overdose of insulin. Murder-by-Internet doesn’t seem so far-fetched anymore.

Philips Hue light bulbs and wireless bridge
Light bulbs

Smart lights, like Philips’ Hue Lighting System, allow you to remotely control them from anywhere by using an app. They can also allow to you to choose the brightness and even the color given off by specific bulbs. Unfortunately, such systems can also be hacked, as a proof-of-concept demonstrated with the Hue system last year. The problem was with the weak authentication system used by a wireless bridge to validate devices. Malicious code served from a web page on the same local Wi-Fi network could let hackers take control of your lights and a create blackout that you couldn’t blame on the electric company.

The Android Auto interface is seen in an Audi S3
Credit: REUTERS/Elijah Nouvelage
Cars

As you’ve probably already heard, someday soon your car will drive itself. Well before that becomes a reality, however, cars are already chock full of systems that can be hacked eight ways to Sunday. Back in 2011, researchers identified a number of ways to take control of various systems in your car, via Bluetooth, cellular, diagnostic tools and even by putting malicious code in an MP3 file which can infect the car through the stereo. The potential havoc hackers could wreak on your car range from giving thieves access to steal it, to much scarier things like turning off your headlights, killing the engine or locking the brakes. That old ‘89 Geo Metro you had doesn’t seem so bad now, does it?

A display of refrigerators
Credit: REUTERS/Jim Young
Refrigerators

We all know what a drag it is to have our morning bowl of cereal scuttled by discovering there isn’t any milk in the fridge. Luckily, smart refrigerators now let us remotely check on the current supply of milk or beer or other essentials, so you can stop off on the way home from work. Not-so-luckily, though, as was reported by security company Proofpoint earlier this year, refrigerators were one type of smart home device recently hacked and used to send out hundreds of thousands of malicious emails. They were part of a botnet that also included home devices such as routers, smart televisions and multimedia systems. To protect yourself from such intrusions, the next time you’re at the supermarket, just buy an extra quart of milk.

Digital picture frame
Picture frames

With the rise of digital photography in the previous decade, picture frames were one of the early household devices to get smart, so they could display all of those photos we began taking but no longer printing. Unfortunately, they also became one of the first household devices to begin carrying malware, spreading the malicious code to computers via USB connections and software installation CDs as far back as 2008. Even if digital cameras are all you ever use again, you may want to consider simply printing out those great pics of you and the family at the Grand Canyon for display, just to be safe.

Close up of the TiVo logo
DVRs

DVRs have changed the way most of us watch television, by making it easy to watch our shows and movies whenever we want, as well as to pause and rewind live programming. However, being devices connected to the outer world through our cable or satellite provider, DVRs have also provided another way for hackers to get into our homes and businesses. In 2012, a DVR connected to a credit union network was found to be the source of malware which was targeting the bank’s customers. Earlier this year, EPCOM Hikvision DVRs, a type commonly used in conjunction with video surveillance cameras, was found to be a regular target of hackers, who would infect the DVRs and turn them into Bitcoin miners. So, Honey Boo Boo may no longer be the worst thing on your DVR.

A Samsung Curved Smart TV
Televisions

While content available only through the Internet is exploding, people still want to be able to consume much of it the old fashioned way - through their televisions. Hence the phenomenal growth of smart TVs, with 100 million of them expected to be in use in homes by 2016. Not surprisingly, TVs that now access the web and run apps just like a computer can also be hacked like a computer, as researchers were able to do with recent models of Samsung Smart TVs. A particular problem for smart TVs is that, unlike computers, they only support a single user, so if a hacker gets access to the TV, they’ll have access to everything on it. Kind of makes you pine for the days of manual channel dials and rabbit ears.

An X-ray picture on a monitor showing an implanted pacemaker
Credit: REUTERS/Fabrizio Bensch
Pacemakers

Implanted medical devices like pacemakers enable millions of people with heart ailments and other issues to live longer, fuller lives. In the last decade, the FCC has set aside radio frequency bands for implanted medical devices to use for receiving new instructions from medical professionals, which improves care but now makes them more accessible to hackers. Security researchers have shown that hackers could take control of these devices via radio transmission and insecure backdoors. People with malicious intent could cause a wide range of trouble from stealing personal data stored on the devices to infecting remotely connected servers to committing murder from afar. Move over, microwaves; you’re no longer the biggest threat to pacemaker wearers.

Curiosity self-portrait on Mars
Mars rovers

While the rovers currently roaming around the surface of Mars obviously aren’t exactly common devices, they’re certainly smart and are most definitely connected, as evidenced by the Curiosity rover's Twitter account. While NASA obviously needs to be able to talk to their rovers to give them instructions and send software upgrades, that means they're also vulnerable, in theory, to hackers. Earlier this year it was discovered that the software on the Curiosity rover contains a bug in a widely used data compression algorithm that had gone unnoticed for almost 20 years. If NASA hasn’t yet applied a patch, hackers could, if they could get a malicious payload of code to Curiosity, do things like launch a denial of service attack, effectively shutting the rover down - and it wouldn’t be rocket science.