Top 10 strange things that got hacked
As technologies are taking increasingly more significant parts of our lives, so are cyber threats. Sometimes hackers catch us off guard where we least expect them to. Here's the list of ten strange things that have been hacked.
1. Casino hacked via fish tank thermometer
Everyone knows that computers and smartphones are vulnerable to hacks. But have you ever thought that hackers could steal your data via a smart thermometer? This is precisely what happened to a casino in North America.
The cybercriminals found and exploited a vulnerability in a smart thermometer used to monitor the water of a fish tank in the casino's lobby and got a foothold in the network. They then found a high roller database, which possibly included information about the casino's biggest spending clientele along with other personal information. The hackers dragged the database across the network through the thermostat and up to the cloud, essentially stealing it.
2. Baby monitors allow hackers to interact with children
The last thing that any parent wants is to put their children in danger. However, getting a smart baby monitor for your child might do just that.
In one instance, a hacker broke into a Nest wireless system used by a Texan couple to monitor their infant son and started shouting sexual swear words to the four-month-old baby. When a couple, who was lying in bed at the time of the event, turned on the light to go upstairs and check on the baby, their own camera turned on, and the hacker threatened to kidnap the child if they did. Thankfully, it was a baby monitor hack, and no physical threat was present. In another case, a family in Minnesota found photos of their baby posted on another website due to a baby monitor compromise.
3. Kids' toys classified as illegal surveillance devices
In addition to baby monitors, smart kids' toys also hold many cyber risks. Equipped with sensors, microphones, cameras, and other multimedia capabilities, they can be easily turned into coveted spying devices if hacked.
In Germany, smart-doll My Friend Cayla was banned since it was found it could be hacked via its Bluetooth connection. The hacker then could listen in on conversations or communicate directly with the child. The German Federal Network Agency classified Cayla as an 'illegal espionage apparatus'.
In another instance, CloudPets, cute plush toys that come in the form of various animals, came under fire for various security infringements. CloudPets have a built-in function that allows children and parents to exchange messages recorded by the toy. Spiral Todays, the manufacturer behind the toy, stored the private information of the toy's users, including the messages, in a vulnerable database that eventually got breached. Researchers also later found the toy could be used to transmit the hacker's voice via a Bluetooth connection. In fact, researchers hacked one of the toys and made it order itself some cat food from a nearby Amazon Echo.
4. Hacker-controlled sex toys
Sex is one of the most personal things we do as people. However, hackers can turn your intimate moments into a nightmare. Panty Buster sex toy for women was also discovered to be vulnerable. Whenever the person using the Panty Buster wants to give control of the toy to someone, such as, for instance, their partner, they have the app create a link. However, the generated links were easy to guess, giving the toy control to virtually anyone on the internet who manages to do so.
5. Vacuum cleaner turned spying device
A team of researchers from the National University of Singapore and the University of Maryland hacked a vacuum cleaner and turned it into a secret listening device, even though it did not have a microphone. Instead of exploiting vulnerabilities in the vacuum technology, they exploited the added benefits of the vacuum. In this particular case, it was light detection and ranging (LiDAR) sensors that help the vacuum cleaner navigate and map its surroundings.
By taking advantage of the LiDAR sensors, they were able to grab the vibrations made by sound waves that were then processed to recover the actual conversation and sound coming from the TV with an accuracy of a whopping 90%. The same techniques could potentially be applied to any device containing LiDAR sensors.
This case is not the first use of laser technology for eavesdropping. During the Cold War, laser microphones were commonly used as a spying device as they were virtually undetectable.
6. Your smart TV is watching you
A smart TV is yet another device in your house that is vulnerable to hacks. FBI issued a warning to smart TV users that their beloved devices could be used to watch and eavesdrop on them. Besides the fact TV manufacturers and app developers could utilize them to track you, an unsecured smart TV can also act as a gateway for hackers to get into your home via router and get to your computer and other devices. What is more, hackers can take over your smart TV and control it remotely by changing the channels whenever they want to or, worse — monitoring you via the smart TV's camera and microphone.
7. Horror car wash
Not only are smart home appliances, toys, and gadgets susceptible to hijacking, but industrial equipment too can suffer from hacks. In an experiment, researchers hacked into the PDQ LaserWash system in an automatic car wash facility. The team found multiple remotely controllable features which could be life-threatening to the car wash users when abused. For instance, hackers could take over the functions of bay doors to trap a vehicle inside, remove safety signals, take over mechanical arms to pound on the vehicle, and direct streams of water at the vehicle's door to prevent the passengers from exiting.
8. A hijacked apartment's heating system leaves people freezing
Imagine losing control of your heating to cybercriminals. It could happen. Actually, it already did. A distributed denial of service (DDoS) attack disrupted at least two blocks' heating systems and hot water systems in Lappeenranta, Finland. DDoS is a common cyberattack with the goal of making an online service unavailable by overwhelming it with a flood of internet traffic. As a response to cyberattacks, the systems rebooted, however, got stuck in a loop restarting repeatedly. The system eventually shut off, leaving people freezing for over a week.
Whitehat hackers have also uncovered a ransomware scenario where thermostats could get locked out by cybercriminals until the ransom is paid.
9. Tornado sirens hacked ahead of a major storm
Two North Texas towns, DeSoto and Lancaster, had their tornado siren systems hacked as they were awaiting a big storm. Between 02:30 and 04:00 AM (local time), a hacker set off over 30 of the cities' tornado sirens, causing panic in the middle of the night. Due to the hack, the systems were taken offline the next morning, just before the storm was supposed to hit the area. Fortunately, no tornadoes formed during the storm, so the sirens weren't needed.
10. Deadly pacemaker hack
Sometimes hacks can be life-threatening. Researchers from WhiteScope found some of the pacemakers on the market to have multiple vulnerabilities that put them in danger of getting hacked. If compromised, cybercriminals could control the pacemakers by withholding the shocks when patients need them and giving them shocks when they are not, or even depleting the device's battery.
How you can protect your smart devices from hacks
While many of the issues related to smart devices are due to the manufacturers' fault, there are several things you can do to decrease the likelihood of your smart device getting hacked.
- Keep your device up to date. Always install the latest updates to your software whenever they become available. Software updates often contain fixes and patches to bugs and other vulnerabilities that may be present in the software.
- Change the default password and username. Changing your smart device's password and username is one of the easiest ways to safeguard it against possible attacks. Default passwords and usernames that come with many Internet of Things (IoT) products are easy to guess. Instead, use a complex and unique password consisting of lower and upper case letters, numbers, and other symbols.
- Enable two-factor authentication. Enable two-factor authentication on your smart device's apps. It adds a layer of security, reassuring that no one can access your accounts without presenting an extra piece of information. Even if hackers break into your account, they will not be able to log into your account without external confirmation.
- Use a VPN when possible. While a VPN might not be compatible with all smart devices, your computer, phone, or TV can benefit from one. VPN changes your actual IP address and sends your data through an encrypted connection, giving you an additional layer of online security and privacy. Atlas VPN offers apps for your computer, mobile phone, as well as Android TV, and Amazon Fire TV devices so that you can protect them all with a single subscription.
- Evaluate whether you really need a smart device. Whenever getting a smart device, weigh the benefits against the risks. While a smartphone is more or less a must in today's world, a smart toy with questionable security might bring more harm than joy.
Check out our other articles on IoT device security:
Why you should revisit smart TV privacy settings
IoT devices at risk of compromising your digital identity
IoT malware attacks worldwide surge by 66% to over 50 million in 2020