It’s that time of year again: the time for a gauntlet of ads, shopping trips, and crowds as we begin the holiday season. Like most years, gift-givers will be looking for the latest and greatest in toys and tech gadgets for those on their list. Many of these connect to the Internet or other devices, putting them in the security spotlight. These ‘most hackable’ gifts represent some of this holiday season’s popular gifts that present a risk if not properly secured.
A lot of this year’s hot-ticket tech items — everything from wearable fitness trackers to smartwatches, action cameras and drones — are appealing, not just you and me, but to cybercriminals as well.
Luckily, these popular gifts can be better secured with a few simple actions – you can start by being aware of the risks and be thoughtful about securing your new “toys.”
Let’s take a look at this year’s most hackable holiday gifts, and how you can easily make them more secure.
Smartwatches and Fitness Trackers
This is the year of the wearable device. Smartwatches and fitness trackers are an exciting new area for the consumer Internet of Things, and promise to be high up on many wish lists for seasons to come. But because most wearable devices today lack significant security built into the devices themselves, they can be an attractive target for cybercriminals.
Now, most wearable devices don’t actually contain much in the way of usable data for cybercriminals, but most provide a connection to both smartphones and computers. By exploiting this connection, cybercriminals can mine devices for contact information and, in some cases, install malicious software (malware). Many consumers underestimate the amount of data that wearable devices collect, so it’s important to be mindful of how much personal information you are giving any apps associated with your wearables, in the case that a device or account is compromised.
We at McAfee know that it’s possible for cybercriminals to leverage the weaknesses in Bluetooth in order to steal data. Moreover, some devices use default pairing passwords for Bluetooth, like 0000 or 1234, allowing cybercriminals to pair and gain access to a device. When cybercriminals get a person’s username and email address they may use this data to launch spear-phishing attacks — where cybercriminals pose as a familiar entity in an effort to steal sensitive data — or even identities.
Smartphones and Tablets
With the excitement of getting new devices, consumers often are so eager to begin using them that they do not take time to properly secure them. For example, some devices use default pairing passwords for Bluetooth, like 0000 or 1234, allowing cybercriminals to pair and gain access to a device. Much like the aforementioned smartwatches and fitness trackers, cybercriminals could use this connection to mine contact data and spread malware.
Drones and Camera-enabled Devices
As expected, drones and remote controlled cameras are popular gift ideas this year as well. According to the Consumer Electronics Association, the U.S. market for drones should approach $105 million in revenue in 2015 alone. But remote cameras and drones may also be targets for many hackers today. Without proper security, these types of devices can give the wrong people access to personal data that you would not want to be shared.
Default passwords can give cybercriminals access to your device. Many users simply forget, or don’t know how, to change passwords after logging into their new devices for the first time. Always examine a device’s instructions, or refer to online guides, to change factory setting passwords immediately.
Finally, there will be many Internet-connected children’s toys this year. That means parents will need to take the time to understand how a toy — be it a remote control car or a doll — connects and interacts with the online world. If a toy does have Internet connectivity, learn how you can change its default password or manage settings to restrict what it broadcasts to the Internet.
So, what can you do to keep your gifted gadgets safer? Here are a few simple steps you can take:
Change default passwords. This is probably one of the best methods of better securing your devices this holiday season. By simply changing a device’s password to a complex one — at least eight characters in length with numbers, symbols and upper and lowercase letters — you’ll adopt a significantly improved security posture.
Keep software up to date. Smart devices almost always require routine software updates. Often, these updates include security fixes designed to protect you from cybercriminals. Always update your devices as soon as updates become available.
Protect your core devices. If a hacker takes over your drone or fitness tracker, you’ll want to keep them from accessing your smartphone, tablet or laptop. Security solutions like McAfee LiveSafe™ can help protect your digital life from malicious software and activities.