Hacking σε παιδικά παιχνίδια: Αρχές του Δεκέμβρη του 2015, μάθαμε ότι ένας hacker κατάφερε να παραβιάσει τους servers της Κινέζικης εταιρείας κατασκευής παιχνιδιών VTech και απέσπασε προσωπικά δεδομένα από σχεδόν πέντε εκατομμύρια γονείς και περισσότερα από 200.000 children.
Hacking data includes home addresses, names, birthdays, email addresses, and passwords. The data also contained photos and chat logs of parents with their children.
The exploit έθεσε το προφανές ερώτημα: ποια από τα παιχνίδια συνδέονται στο Internet, και πόσα από αυτά έχουν χαλαρή ασφάλεια;
How many millions or hundreds of millions of children are at risk for this?
We received a partial response in November when Bluebox Security discovered serious weaknesses in Mattel's Hello Barbie, a doll with the ability to connect to the Internet.
Hello Barbie: Keep the new Mattel doll away from children
It is very likely that the majority of Internet connected games have serious weaknesses and there are many reasons for this:
It's new to the market and hackers have a head start in a virgin space. The Internet of Things – devices that connect to each other and to the Internet, isn't just for gaming. The Internet of Things includes every device you can imagine: cars, ψυγεία, τηλεοράσεις, βραστήρες, ένα σωρό ψηφιακές και ημι-αναλογικές συσκευές.
Το Ίντερνετ των πραγμάτων δεν είναι safe, κυρίως επειδή οι εταιρείες δεν αισθάνονται υποχρεωμένες να επενδύσουν το χρόνο, το χρήμα και την προσπάθεια που απαιτείται για να εξασφαλίσουν τις συσκευές τους. Τα διεθνή πρότυπα ασφαλείας ή οι κατευθυντήριες γραμμές είναι από χαλαρές έως και ανύπαρκτες.
To make matters worse, companies are not required to tell consumers what kind of information they collect and how to protect them.
The recall of Fiat in Chrysler cars in July of 2015, when 1,4 recalled millions of Chrysler, Dodge, Jeep and Ram proved the extent of the problem.
The company knew for some time the vulnerabilities in the Uconnect systems but did not mention it (and of course did not fix it) until the Wired magazine proved with a publication that all the vehicles that use them are susceptible and that the driver could even lose control at the wheel.
Protecting children from hacking attacks is something extremely important. They are vulnerable and innocent. This makes them emotionally charged targets for blackmail attacks.
Imagine if a really bad hacker had access to VTech systems and was stealing data taken from the cameras to extort money from parents threatening to harm their children.
Last year, the Fox 19 in a post reported that a hacker breached it system baby monitor at a home in Cincinnati, Ohio, and started screaming "Baby Wake Up!" in a 10-month-old girl.
Shock! An infected hacker violated baby monitor camera
It is likely that the cost of recalling products strengthens the incentives for more security. But victims are rarely compensated for the loss of their identity data. VTech earns 2 a billion dollars a year and reports that children's products with an Internet connection are one of the fastest growing industries.
What will happen next?
Solutions are not easy and they need not only incentives but regulations, coordination and control mechanisms. The Internet of the Internet seems to be preparing to launch into millions of devices within 2016 without basic security settings. Security standards should already have been set before the devices arrive at our homes, for a safer online world that is also used by our children.
