Why Hackers Control Your Toilet, Coffee Maker and Pacemaker
NEW YORK ( MainStreet) Home security systems. Fancy high-tech toilets. Baby monitors. What they have in common is this: all are networked devices and all have been hacked.
In Houston, a hacker took control of a Foscam baby monitor and apparently yelled at the two year-old, "Wake up, you little slut," or so reported the startled parents.
In Japan the Satis toilet, which can be controlled by a smartphone app, has been shown to be hackable, meaning attackers can flush it, raise the seat, and in other ways drive a rightful user nuts.
In England, researchers at security firm Trustwave found it simple to take control of networked home security systems and either turn them off or - perhaps more creepily - use the systems to spy upon a home's occupants.
The list could go on. "The Internet of Things is very vulnerable," said Michael Fiske, CEO of San Francisco cybersecurity firm Biogy. He ominously added: "You can hack pretty much anything that is connected to the Internet."
As long ago as 2001, an Australian man, angry because his job application was rejected, hacked into and caused a local sewage system to dispel millions of liters of raw sewage into parks, rivers, even a luxury hotel. At the time, an official with the Australian Environmental Protection Agency said: "Marine life died, the creek water turned black and the stench was unbearable."
Awful as that incident seems, the potential disasters are much more menacing today, mainly because so many devices now are on the Internet. "There are billions of connected devices, billions of vulnerabilities," said Alan Grau, CEO at security company Icon Labs.
It's personal appliances such as baby cams and coffee makers. But sometimes it is much bigger stuff.
Hackers have already demonstrated proof of possible hacks into smart electrical grids, for instance, that let them put stretches of the grid into darkness. That could mean your apartment building is plunged into a malicious darkness even as neighbors have lights.
Other hackers have shown that today's automobiles - in many ways really computer peripherals - can be controlled externally, meaning the cars can be ordered to stop, to speed up, to turn, to do just about anything a hacker wants them to do.
Highly skilled hackers have shown they can even trick air traffic control systems into believing a fictional flight is real. And that could cause chaos at airports around the country.
How can this be so easy? Dwayne Melancon, CTO at IT security firm Tripwire, pointed to two factors where the first is that, in almost every case, the networked devices were never designed with security in mind. Design aesthetics, costs, ease of use - all rate high in creating refrigerators, baby webcams, toilets, etc. But just about nobody is keen to dwell on the need for security, especially not if it adds costs or layers of user inconvenience.