GlobalSign Blog

Is the Christmas Toy You’re Buying Hacked?

Is the Christmas Toy You’re Buying Hacked?

With Christmas rapidly approaching, you may be considering purchasing an Internet-connected toy or other electronic device. While such gifts now commonplace, reality is some of these may very well pose a security compromise. 

That’s because smart toys and gadgets that are connected to the internet via the Internet of Things (IoT) technology continuously collect a steady stream of user-centric data, as well as data regarding the surroundings of their users. 

Market and consumer data provider Statista says the average household in the United Kingdom has nine consumer connectable products while the United States average is slightly more at ten. Add in Covid-19, and the trend is even higher for people purchasing IoT-connected devices. 

That cute internet connected doll may not be so innocent 

People have been concerned about the security of electronic devices for some time, especially where it involves children. According to UK-based parentinfo.org, back in 2015 a security researcher from Pentest demonstrated that something was not quite right about Vivid Toy’s talking doll Cayla. The internet-connected doll was designed to use speech recognition software to ‘listen’ to its child owner. Unfortunately, Cayla proved “less than angelic” as the security researcher’s tests revealed the doll’s software could be hacked, “potentially turning her into a potty-mouthed liability by changing her database of appropriate responses.” 

With that in mind, some things to consider before making a purchase an IoT include:

  • Consider whether the item you’re purchasing is able to connect to the internet or to the Wi-Fi network that has been set up in the home. Such items do numerous potential privacy problems, which is made even worse by the fact that most device manufacturers have little to no understanding of how to secure their devices. These devices are easy prey to attacks that cybercriminals are all too eager to carry out.   
  • Does the product you’re thinking of buying include a camera, microphone, or sensor? IoT-connected devices can see and hear what you do with their built-in cameras, microphone, and additional sensors. Products like robot vacuums, fitness trackers, and home alarm systems, for example - completely rely on gear such as audio, video, and biometric recording hardware to do their job. 

All of which brings to mind the end of the 1980’s movie “War Games” (starring a very young Matthew Broderick). After a computer simulation made it perfectly clear what the outcome of war can be, the computer – “Joshua” - concluded by asking his creator, Professor Falken, “How about a nice game of chess?”

Until device manufacturers take cyber security more seriously, maybe it’s not the worst advice. 

Cybermas Blog CTA.png

Share this Post

Recent Blogs