Smart speakers, locks, cameras and doorbells are also vulnerable, vpnMentor found.
When a smart speaker aggregates customer data, or a car dashboard highlights the nearest McDonalds, the marketer and the consumer assume the devices can be trusted.
But recent research by Israeli security firm vpnMentor raises red flags about whether the Internet of Things could turn into the Internet of Spying Things.
What vulnerabilities were discovered? The company recently announced the results of work by a group of “ethical hackers” it employed in March and April of this year.
In one project, the group was able to connect an SD card reader to a first-generation Amazon Echo and install malware that could listen in to the owners’ daily life or interfere with the Echo’s control of other household devices like smart locks or appliances.
The use case for this Manchurian Candidate-like Echo envisions that the hacked speaker was purchased as a used smart speaker on the open market.
Peter Campbell, CEO of vpnMentor’s PR firm, Kaizensearch, said that Amazon corrected the speaker’s vulnerability in the second-generation Echo — but there is no Amazon program to certify any used smart speaker. If some enterprising hacker is able to crack future generations of Echos and they are bought on the used device market, the same infiltration can occur.
He added that Amazon does recommend the owner of a used smart speaker update the firmware, but that assumes the owner knows what to do.
What else did they hack? In another example, the first generation of the Ring smart doorbell was also hacked by vpnMentor. But, Campbell pointed out, that brand doesn’t list the product by generation, so any buyer of a used Ring doorbell is on their own.
vpnMentor was also able to remotely control the Samsung Smart Camera, which is also not listed by generation, and it was able to compromise the security for the August Smart Lock, the Kwikset Kivo Smart Lock and the TP-Link Smart Plug.
“A lot of people are buying smart devices second-hand,” Campbell said, “and failing to reset the firmware.”
Why does this matter to marketers? Imagine that, as in the novel “1984,” every TV was watching you as you watched it. In that environment, how much would consumers trust the advertising they see there?
Read More at Martech Today
Based in Rochester, New York, Netsville is an Internet Property Management company specializing in managing the Digital Marketing, Technical, and Business Solutions for our customers since 1994. For more information, please click here.