Hacking in children's games: Αρχές του Δεκέμβρη του 2015, μάθαμε ότι ένας hacker κατάφερε να παραβιάσει τους servers της Κινέζικης εταιρείας constructionof VTech toys and harvested personal data from nearly five million parents and more than 200.000 children.
Hacking data includes home addresses, names, birthdays, email addresses, and passwords. The data also contained photos and chat logs of parents with their children.
The exploit raised the obvious question: which games are connected to the Internet, and how many of them have loose security?
How many millions or hundreds of millions of children are at risk for this?
We received a partial response in November when Bluebox Security discovered serious weaknesses in Mattel's Hello Barbie, a doll with the ability to connect to the Internet.
Hello Barbie: Keep the new Mattel doll away from children
It is very likely that the majority of Internet connected games have serious weaknesses and there are many reasons for this:
It's something new in the market and hackers have a lead in a virgin space. The Internet of Things - devices connected to each other and to the Internet are not just for games. The Internet of Things includes everything you can imagine: cars, refrigerators, TVs, kettles, a bunch of digital and semi-analog devices.
The Internet of things is not safe, mainly because companies do not feel compelled to invest the time, money and effort needed to secure their devices. International safety standards or guidelines are from loose to non-existent.
To make matters worse, companies are not required to tell consumers what kind of information they collect and how to protect them.
The recall of Fiat in Chrysler cars in July of 2015, when 1,4 recalled millions of Chrysler, Dodge, Jeep and Ram proved the extent of the problem.
The company knew for some time the vulnerabilities in the Uconnect systems but did not mention it (and of course did not fix it) until the Wired magazine proved with a publication that all the vehicles that use them are susceptible and that the driver could even lose control at the wheel.
Protecting children from hacking attacks it is something extremely important. They are vulnerable and innocent. This makes them emotionally charged targets for blackmail attacks.
Imagine if a really bad hacker had access to VTech systems and was stealing data taken from the cameras to extort money from parents threatening to harm their children.
Last year, the Fox 19 in a post reported that a hacker broke the baby monitoring system in a home in Cincinnati, Ohio, and started screaming "Baby Wake up!" to a 10-month-old baby girl.
Shock! An infected hacker violated baby monitor camera
Είναι πιθανό ότι το κόστος ανάκλησης των προϊόντων ενισχύει τα κίνητρα για περισσότερη ασφάλεια. Όμως τα θύματα σπάνια αποζημιώνονται για την απώλεια δεδομένων της ταυτότητάς τους. Η VTech κερδίζει 2 δις δολάρια το χρόνο και αναφέρει ότι τα products για παιδιά με σύνδεση στο Internet είναι ένας από τους ταχύτερα αναπτυσσόμενους κλάδους.
What will happen next?
Solutions are not easy and they need not only incentives but regulations, coordination and control mechanisms. The Internet of the Internet seems to be preparing to launch into millions of devices within 2016 without basic security settings. Security standards should already have been set before the devices arrive at our homes, for a safer online world that is also used by our children.
