18 Everyday Things You Didn’t Know Could Be Hacked
From infiltrating your fridge to your fave television series, hackers could even be watching you right now!
Look out pick-pockets, you might be out of a job: Hackers don’t even need to reach into your pocket to steal your credit card information. If you keep contactless credit cards on your phone you’re susceptible to being hacked, because with malware hackers can virtually swipe your plastic without laying a finger on you. Whether you’re using Paypass or SamsungPay, a hacker can infiltrate your phone by reading the Radio Frequency Identification Chip (RFID) on the card. Even ApplePay which is supposed to be more secure has had breaches. If the phone is jail broken according to Timur Yunusov, head of banking security for Positive Technologies, it can be hacked. “Or hackers use public Wi-Fi, or their own ‘fake’ Wi‑Fi hot spot, and request users create a profile. From this point, they can steal the ApplePay cryptogram [the key to encrypting the data].” If you use ApplePay to purchase items online, beware of fake websites, avoid using public Wi-Fi to buy things and try keeping your phone in an RFID blocking wallet.
Pacemakers can be shut down
According to CNN, almost 500,000 pacemaker recipients could be hacked allowing someone to change the settings or shut off their device entirely. And it’s not just pacemakers that can be messed with—any medical devices that are Bluetooth enabled and wireless are at risk, including insulin devices. “This access could be used to modify programming commands to the implanted pacemaker, which could result in patient harm from rapid battery depletion or administration of inappropriate pacing,” the Food & Drug Administration (FDA) wrote. Some of the vulnerable pacemakers were manufactured by Abbott Laboratories. The FDA advises patients to visit their medical practitioner to update their pacemaker firmware.
Protect your fridge
If you’re familiar with the show Silicon Valley on HBO, you probably cracked up when the often humorless techie character of Gilfoyle hacked the talking smart fridge that was driving him crazy. His hack replaces the fridge’s giant information screen with a mime making obscene gestures. That may seem a little far-fetched, but as the Internet of Things becomes more common, from smart door locks to self-programming thermostats, security and privacy concerns are no laughing matter. In fact in 2015 a Samsung smart fridge was used as an example of how easily it could be hacked at a DEFCON hacking conference. Researchers presented evidence that people could have their credentials stolen over Wi-Fi right from the fridge. According to Consumer Reports, some ways to ensure you don’t get your smart appliances hacked is to make sure your router is WPA2 encryption enabled. But as appliances become smarter and technology continues to grow, we’ll need to stay vigilant, and keep tabs on security measures. (Speaking of your fridge, here’s a list of foods that need to be refrigerated.)
It’s easier than ever to steal a car
Stealing cars isn’t new. How many 70s spy series had their villains or heroes hotwire a car to make a quick getaway? As cars have grown more dependent on technology, auto theft and hacking have become partners in crime. And hacking into a car’s wireless key fob is only getting cheaper and easier. According to Wired Magazine, researchers in China were able to build key-spoofing hardware that enables them to open car doors parked more than a thousand feet away. And it only cost a mere $22 to make. “The attack uses the two devices to extend the effective range of the key fob,” says Jun Li, one of the researchers in the Qihoo group, who call themselves Team Unicorn. “You’re working in your office or shopping in the supermarket, and your car is parked outside. Someone slips near you and then someone else can open up and drive your car. It’s simple.” How to stop would be car thieves? Wired suggests keeping your keys in a Faraday bag that blocks radio transmissions or in another frequency blocking container like one made of metal. Be extra cautious if you drive one of these cars that are most likely to be stolen.
Turns out not even Nemo is safe when it comes to hackers. The Washington Post reported that a North American casino was hacked via fish tank. According to the cybersecurity firm Darktrace, the hackers were able to breach data within the casino using sensors connected to a computer that regulated the climate, food, and cleanliness of the casino’s fish tank. “Somebody got into the fish tank and used it to move around into other areas (of the network) and sent out data,” said Justin Fier, Darktrace’s director of cyber intelligence. Although no fish escaped, supposedly 10 GB of data did.
The next time you swipe that hotel key card to get in your room, you might want to think twice about the personal items you’re leaving behind. If there’s a DC power port in the lock, a hacker can access your room without your key card. Back in 2012, Mozilla software developer, Cody Brocious built a cheap device that showed how easy it was to open an Onity hotel room lock which at the time was used by millions of hotel rooms around the world. Since then other hacking devices have appeared. Magproof wirelessly reads hotel card strips and stores the card data for later so someone can easily break into your hotel room. Taking it one step further another inventor used Magproof’s technology to build a device that is able to quickly guess every hotel room’s key code. According to Forbes, the hacker only needs to hold the tool close to the door card reader. Think it won’t happen to you? Hackers recently paralyzed an Austrian 4-star hotel from being able to create new key cards and the hotel had to pay a ransom in Bitcoin to get back up and running. It seems old-fashioned keys could make a comeback or hotels will need to add more unique data to safely secure key code locks. Here’s more advice on not getting robbed when you stay in a hotel room.
Hackers are now taking aim at our most precious commodities—our entertainment. They recently breached HBO servers stealing 1.5 terabytes of data, then released new episodes of Ballers, Insecure and Room 104, and a script for an upcoming Game of Thrones episode. More seriously they stole “thousands of Home Box Office (HBO) internal documents,” said the security company hired by HBO to prevent the information from being shared on Google. According to Variety, hackers stole “HBO’s internal administration tools, listing employee names and email addresses and their functions within the organization.”
Electronic voting machines make sense when you consider the ease of gathering information and analyzing results, but not when hackers can just as easily manipulate data with a little cyberstalking. At the Def Con hacking summit in Las Vegas, experts were able to break in to the digital ballot boxes of U.S. voting systems in 90 minutes. They tested 30 different election machines that were picked up from U.S. Government auctions and timed how long it took to breach each one. What they discovered is many of the machines were running old software and had other hardware weaknesses making them easy to hack. The Def Con tests raise some vital questions about the machines being used for electronic voting and how to ensure electronic voting is a secure voting option.
If you recall the bedtime tale of Goldilocks, you’re familiar with the three bears and their catchphrases “Someone’s been eating my porridge,” “Someone’s been sitting in my chair,” and “Someone’s been sleeping in my bed.” Now you can add “Someone’s been watching my Netflix.” According to Time, Goldilocks may be swiping your Netflix password by simply purchasing it online. Cyber thieves steal your login information and sell it for few dollars allowing others to binge watch their favorite shows on your dime. Time recommends you do this check next time you log into your Netflix account: Click the primary profile then select “Your Account” from the menu. Review “Viewing Activity” and flag anything you might not have watched. Keep in mind that even if you might not have watched a show one of your secondary users, like your kiddos, could have. And while you’re at it, if you notice you’re honey has been binge-watching episodes of your favorite show without you, his or her “cheating” could be more serious than you think. You can also head to the website Have I Been Pwned and pop in your e-mail address to see if your information has been breached and where. Certain that Goldilocks has been watching your Netflix? Go to the “My Account” page in Netflix and sign out of all your devices. Then change your password. That should take care of that little blonde sneak.
Snapchat is hot and we don’t mean because it has over 160 million users, but because some people’s accounts have been stolen. In 2013 hackers published a database including usernames and phone numbers of about 4.6 million users. What to look for if you think your account has been compromised: Have your settings been altered or you name changed? Do you suddenly have unfamiliar friends? Has Snapchat alerted you that someone has logged in from a different device? And consider what you’re posting because it might not have vanished. There are 3rd-party spy applications that are available online that people are using to save and download the images and videos you thought went poof after you hit send. And if they end up swiping some compromising images, well, you just might want to disappear, too. Find out the things you should never post on social media.
Back in 2015, the Telegraph noted that hackers conned PlayStation and Xbox gamers out of their the private information. They made off with email addresses, passwords and IP addresses that could be used in other ways from 2.5 million accounts. Ironically some younger hackers first become interested in breaching internet security because of their involvement in competitive gaming. And in a way it can make gamers more lax in their own security measures, but that’s a risky thing to ignore. The simplest line of defense is creating unique passcodes and changing them often or gamers will be so busy trying to recover their cyber identity they won’t have time to game. “This data is likely to be sold on the dark web and used for future cyber crime,” said Robert Capps, vice president of security at NuData Security. “Keep alert to any phishing scams that may appear in email as a result of this hack, changing passwords on any site where same password or username are used.”
When a casino in St. Louis realized their slot machines were shelling out more money than people were putting in it, they knew something was wrong. After carefully reviewing surveillance tapes they found the culprit. They spotted him holding an iPhone close to the screen of older machines while pushing the slot’s buttons. And then, according to Wired, “he’d go back for a second try and hover his finger above the Spin button for long stretches before finally jabbing it in haste; typical slots players don’t pause between spins like that.” How to stop this slot bandit? Although only certain older machines can be hacked manufacturers would have to pull all the machines out of service and replace them. The cost for casinos to invest in newer slot machines combined with the popularity of the older slot games makes it harder for casinos to discard these easily hacked machines.
You’ve got (hacked) mail
If a hacker gets into your e-mail account, it’s not just your e-mail they’re reading. They are searching for and looking to access a lot of other personal information so they can infiltrate other areas in your life like your bank account. They can swipe your credit card details, open accounts in your name, take out loans, ruin your credit rating, and even steal your contact list. According to Heimdalsecurity.com, 68 percent of victims of identity theft don’t even know how the thief obtained their information in the first place. It’s up to users to stay on top of their emails, deleting those that contain personal information from online orders or financial institutions. Even e-mailed travel itineraries could alert would-be thieves to when you’re not home. Here’s one woman’s cautionary tale of having her identity stolen that you definitely want to read.
Your phone number
It doesn’t take an Oscar-winning actor to convince a telecom rep to have your phone number forwarded to a different number or “ported” to another carrier and a hacker’s phone according to Forbes. All it takes is the thief digging up some vital personal stats like a street address, the last four digits of your social security number and a birth date. One step to protect yourself is to use two-factor authentication which many banks and firms now offer. The fact that your phone number is used for security measures for many institutions like your bank account, email, or utilities makes it something you need to protect. However, Forbes says there’s not enough being done to safeguard these phone numbers and this is providing hackers ample opportunity to steal valuable crypto currency. Find out how to protect yourself from the most common internet scams.
In a recent news story, a house in Westfield, New Jersey was deemed The Watcher House because of creepy letters being received from someone calling themselves The Watcher who was claiming to spy on the house. But what if said watcher was in your baby’s monitor? According to NBC, there are people spying on babies by hacking baby monitor webcams. “Video monitors are intended to give parents peace of mind when they are away from their children but the reality is quite terrifying—if they aren’t secure, they can provide easy access for predators to watch and even speak to our children,” said Department of Consumer Affairs, Commissioner Julie Menin said in a statement. She went on to warn parents about reports of strangers talking to babies through their monitors. Turns out baby monitors aren’t the only device that hackers are watching you from.
Air traffic control
Fly the friendly skies at your own risk. According to ABC News, hackers have demonstrated that they can interfere with air traffic control transmissions.It happened on a flight that was supposed to land at Washington’s Reagan National Airport. It was hacked and the pilot was given false instructions to divert the landing. Luckily the pilot realized it was fraudulent, but not before it caused tons of confusion. “From time to time we have had unauthorized people use frequencies used by air traffic controllers to issue incorrect instructions,” said FAA spokesman Jim Peters, citing as an example “ghost transmissions” at Kennedy Airport in New York City. Computerworld noted that a report by the Government Accounting Office (GAO) about how the Federal Aviation Administration (FAA) addresses cyber threats showed there are weaknesses in the air traffic control system and other information systems.
A light bulb with a virus? Seems strange, but according to Fortune Magazine hackers gave a virus to a whole slew of Philips brand light bulbs that resided in an office tower. Now in control of the light bulbs in the building, the hackers proceeded to flash an “SOS” message in Morse code and shut the lights on and off. Sounds like they were having a little fun, but it’s actually a bigger deal than that. Researchers from the University of Canada and Tel Aviv explain that by controlling the light bulbs with a virus would-be hackers could ultimately black out an entire city, or use the virus to launch attacks on other parts of the Internet.
Most people would agree that sitting in traffic can be annoying. How many times have you chided yourself for not making the green light in time? Or felt like a red light you got caught at was lasting forever? You can try these mental tricks to get you through a traffic jam, but what if you could control the traffic lights for your evening commute home? On the flip side, what if someone else had the controls? That’s exactly what a pair of traffic engineers demonstrated. The Washington Post reported that the engineers, as a form of protest, hacked into a traffic light signal in California forcing cars to slow and to stop at key intersections. Of course, gridlock ensued when cars were kept at red lights for long lengths of time. If hackers assumed control of traffic patterns it could mean chaos on the roads.