Hacking Your Phone and the Internet of Things

Wouldn’t it be fantastic if your refrigerator could inform you when it was out of milk, or vegetables? And wouldn’t it be even more convenient if your fridge could communicate these things to you across town—through a text message?

It may seem like some kind of science fiction, but with the Internet-of-Things (IoT)—the connection of common appliances, devices, and services through the Internet—such scenarios are looking more like science future than fiction. IoT has grown from an inspiring tech phenomenon to a very tangible component of our daily lives. And this is only the beginning. Aside from connected refrigerators, thermostats and game consoles, one of the most ubiquitous examples of IoT are mobile devices. Smartphones and tablets now have the ability to keep us connected to our homes, social profiles, bank accounts, as well as our favorite stores—for better or worse.

What happens when the mobile devices that add such ease to our lives, and connect us to our smart devices away from home, end up opening the door to hackers and other cyber snoops? In December, multimedia messaging app, WhatsApp, was found to have left its users exposed through a security oversight that allowed messages sent over Wi-Fi to be viewed as plain text—for those who have the right know-how. Additionally, earlier this year, Snapchat, another mobile messaging app, was hacked, leaking 4.6 million usernames and phone numbers. Although the perpetrators claimed that they did so with the intention of exposing the vulnerability that Snapchat had yet to address, and only posted partial phone numbers, they were still able to gain access to users’ sensitive information with ease. Even though the consequences of these security lapses were fairly benign, each belies an underlying problem: the Internet of Things is here but the security necessary to protect users isn’t quite there yet—especially when it comes to connecting with mobile apps.

While hyper-connected convenience is great, there are also inherent risks associated with having all of your things accessible not only to each other, but to you through your mobile device. If you can control your lights, heating, television, and locks from miles away, potentially so can hackers. The rush to offer connectivity creates a lot of opportunities for businesses to cut-corners on security, putting users at risk. If a hacker can compromise your smartphone, they can compromise any or all of your other IoT devices linked to your mobile device—as well as all of the accounts connected to them. That can be a frightening thought when you consider all of the data now stored on mobile devices, from location and contact information to payment data like credit card numbers and back accounts.

Most manufacturers have focused on the convenience of syncing our devices without considering the potential virtual and physical threats if these technologies were ever compromised. This app security oversight is not the first (nor will it be the last) time that safety is overlooked for convenience, meaning it is up to users to be proactive about their own safety when connecting via mobile to IoT and other smart devices.

As we’ve discussed in previous blog posts, the Internet-of-Things hinges on how much access you grant these devices to your smartphone and home network. While securing the Internet-of-Things may seem challenging, it doesn’t have to be. Here are a few security-conscious options to keep in mind as the world around us becomes more connected:

  • Use secure, complex, and unique passwords on all of your devices and update them regularly. When a password option is offered, take it. This means using at least eight characters with uppercase and lowercase letters, symbols and numbers in a random order.  Refrain from using the same password for all of your devices.
  • Scan your devices for viruses. Not all IoT devices have software to scan them for malware or viruses, but you can stop hackers before they can get into such smart appliances by monitoring your home network and mobile devices with McAfee security products.
  • Limit the amount of access an app has to your data. By limiting an app’s access to your contacts, email, location or other sets of data, you can stave off the possibility of your smartphone, and by extension, your information, being compromised in a cyberattack.
  • Update your devices and apps when you can. By updating your devices (both mobile and IoT) and apps, you’re ensuring you have the latest protections against security vulnerabilities, making it harder for hackers to gain access to your personal information.
  • Stay up to date on cybersecurity with McAfee. By staying up to date on the latest security news and using comprehensive solutions, you’ll have a head start on protecting yourself from hackers and other risks. McAfee® Mobile Security comes with many features to help prevent your mobile devices from being infected by malicious software, including Wi-Fi protection to warn you when you’re connected to a risky network. In addition, McAfee LiveSafe™ service provides complete security for all of your devices including smartphones, tablets, PCs and Macs with real-time protection against mobile viruses, spam, and more.

For the latest updates on consumer threats and mobile security, follow us on Twitter at @McAfeeConsumer and on Like us Facebook!

lianne-caetano

Leave a Comment

sixteen + 14 =