Holiday hacker harm: Security expert gives warning about cyber criminals targeting tech toys

It`s that time of year where we start to make our list and check it twice and if you`re like a lot of people and your holiday gifts will involve technology -- we have a warning for you. I talked to an expert about how hackers can get inside your home through devices you may think are harmless. “We as consumers are under attack constantly,” explains Chad Larsen, Director of Technical Services at Leviathan Security Group. And he should know, because he tests security for companies and their new products. “As we go into the holiday season it seems like there is a proliferation of Internet-connected devices,” Larson remarks. He says these devices could lay out a welcome mat for thieves. “The problem here is that a lot of these applications, systems are being rushed into the market without any security architecture being applied to them whatsoever,” Larson continues. Take one of the top tech toys of 2015: “This 'Hello Barbie' is an online, WiFi enabled recording device that is intended to interact with your kids. That’s a concern, having a Barbie connected to your wireless network, effectively recording all of the ambient conversations around it and sending those off to the Cloud. The security implications of that are pretty significant,” Larsen adds.

And then there’s a toy called 'Robio' that got hacked a few years ago and the result is almost unbelievable. “What they showed was that you could actually connect to the robot itself because it has its own WiFi network and you can just connect to it if it’s not configured properly, they were able to drive it around inside someone’s house, take a picture of their keys and then send that to an Internet service that made perfect replicas just based on a picture, so within 24 hours they had physical access to the home because of one of these internet enabled toys.” This information is jolting, but not uncommon. The good news is that this is a perfect time to take precautions. Larsen says, “There are hundreds of thousands of these devices coming out on the market.” Step 1: Keep your systems updated at all times and then go a step further. Larsen says, “The software packages that are on the computers, for instance Microsoft Office packages, or Adobe is a famous one for vulnerabilities, those two need to be updated as well.” Step 2: For those who use devices that connect through WiFi, set up as a guest network. Larsen is quick to add, “The important point there is to ensure that your guest network has a different set of passwords and that you’re not conducting anything important to yourself.” In other words keep your guest network separate from where you would do online banking and other possible vulnerable activities Larsen says to make sure those external devices stay updated as well. “A lot of times you’ll have a device that’s plugged into your network that is performing some sort of function, say for instance, home automation that has an update process, it’s also critical to log into those administrative pages and perform those updates as well.” Step 3: Make sure your passwords are strong. Use a nursery rhyme or something difficult for a third party to guess. Larsen advises, “Putting together pass phrases that are simple for you to remember and per-mutating them in any manner is an interesting way to do that.” The bottom line is to be proactive when using WiFi of any kind and don’t assume because it’s on the market that it’s safe. Larsen says, “Even if somebody is fairly well-versed in their home network security these devices will open up holes and avenues of attack without their knowing it.” So don’t let high-tech gifts steal your holiday cheer this season. Take the extra steps to protect yourself now and into the New Year.