How the Internet of Things could bring hackers into your kitchen (or bedroom)

How the Internet of Things could bring hackers into your kitchen (or bedroom)

9:39am, 19th February, 2019
(Pixabay Photo) WASHINGTON, D.C. — Tens of billions of devices, ranging from coffee makers to cars to spacecraft, could someday be connected to global networks thanks to what’s known as the Internet of Things, or IoT, and cybersecurity experts say that could open up a whole new universe for hackers and eavesdroppers. Consider the humble coffee maker, for example: University of North Carolina techno-sociologist suggested that if Chinese authorities wanted to, say, root out Muslim activists in the country’s far western Xinjiang region, they could watch for the telltale sign of coffee or tea being brewed before morning prayers. “Your coffee maker has an IP [address], and it might be at risk of identifying these people, because if I wanted one piece of data from the region, that would be my thing. … It’s a very synchronized hour, that’s the whole point of it,” Tufekci said here last weekend during the annual meeting of the . “Holy crap, we were just talking about coffee making, right? And now we’re talking about taking people to send to internment camps,” she said. “These lines are not as far apart from one another as one would think.” The Internet of Things makes it possible to take action at a distance: It’s great to be able to turn on a coffee maker from your bedroom, using a smartphone app. Or turn off the bedroom lights using an Amazon Echo. That’s why analysts expect . All those devices make the IoT a juicier target for computer attacks like the one that . “We basically forgot to build security into the Internet of Things,” said , a computer science and engineering professor at the University of Michigan. Fu and his colleagues already have demonstrated how hackers could use sound waves to … use ringtones to turn on stove burners … or . To address such threats, he co-founded a . It’s even possible to , using a phenomenon known as intermodulation distortion. “You hear about the kid with the braces who can pick up AM radio stations?” Fu said. “This is the same concept, except we’re inducing it on things that didn’t want to hear us.” Fu’s lab has even come up with an acoustic technique that turns a hard drive into a weird kind of eavesdropping microphone. “What we do is we pull off those errors from the hard drive, upload it to Shazam, and it tells us what music we’re playing in the room, which is kind of a fun parlor trick,” Fu said, The Internet of Things could turn such parlor tricks into a serious matter. Previously: “Computers have always been vulnerable to these kinds of physical problems since the dawn of computing,” Fu said. “The big thing that’s changing is the degree of connectedness and dependence. … We’re actually automating things with smart thermostats and smart locks to automatically open or close, or turn on heat and things of that nature. We are removing the human from the loop before solving a lot of the security challenges.” Tufekci said there needs to be a high-level discussion about the “security of things,” ranging from baby monitors to voice-controlled devices. “I just find it weirdly appalling that we do not have ‘off’ switches for microphones that are physical,” she said. “I just don’t trust any software to be foolproof. … We need to go back to some quite physical solutions.” Fu said security-conscious consumers — and device manufacturers — might have to be more discriminating about things of the internet. “Maybe it’s just not a good idea to put a computer in everything unless there’s a good reason,” he said.