Hacker Compromised Family’s Wi-Fi, Taunted Family With Thermostat, Camera for 24 Hours
A couple discovered that their Nest security system was hacked after their thermostat was repeatedly set to high temperatures despite being adjusted and the hacker started talking to them via the camera. According to the report, the attacker still had access to their smart home devices even after changing their Wi-Fi password, and the disturbances only stopped when they had their network ID changed. In a statement, Google stated that Nest was not breached and the incident may have likely been a result of using compromised passwords. The company also advised users to sign up for additional security verifications to “eliminate this type of security risk.”
[Read: Inside the smart home: IoT device threats and attack scenarios]
Consumers and industries are still discovering where the internet of things (IoT) technologies can support productivity, augment services, and offer convenience. Manufacturers and vendors are riding the wave of demand for these devices, and the breadth of available applications further emphasizes the importance security performs in protecting its users and critical infrastructures.
Trend Micro recently published a research paper on how the cybercriminal underground monetizes data and network intrusions via these IoT devices. Meanwhile, the midyear security report lists IoT attacks as one of the surfaces that cybercriminals use — and will likely continue using — to compromise user and enterprise systems, either for inbound attacks or for attacking other networks as part of a larger botnet.
[Read: From homes to the office: Revisiting network security in the age of the IoT]
Looking through another perspective, an increase in temperature in the house or in one of the hacked devices could have caused a fire in the home. Cyberattacks like these can have real world implications, such as loss of property or even life. Users are advised to ensure their devices’ security and detection against unauthorized intrusions as attackers find more ways to compromise systems. Here are a few best practices:
- Regularly change your network’s access credentials, and use stronger passwords
- Practice password hygiene: Do not use the same password for multiple online accounts
- Enable multiple authentication and verification features for devices or online accounts that support the feature
- Install a multilayered protection system that detects and blocks malicious websites, URLs, emails, and intrusions from the gateway to the endpoint
[Read: Securing smart homes and buildings: Threats to complex IoT environments]
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: TargetCompany
- Email Threat Landscape Report: Cybercriminal Tactics, Techniques That Organizations Need to Know
- Preventing an Imminent Ransomware Attack With Early Detection and Investigation
- Inside the Halls of a Cybercrime Business
- Securing Cloud-Native Environments with Zero Trust: Real-World Attack Cases