Reports this past week of car hacking in Missouri and of camera hacking in southwestern Ontario illustrate just how vulnerable users of wirelessly connected devices can be.
“Anything that goes out over the airwaves can be hacked,” said Chris Menary, a security expert and president of Toronto-based Menary Group Inc.
In the car hacking, attackers took control of a Jeep Cherokee on a busy highway killing the engine and bringing it to a sudden halt.
It was actually an exercise for Wired magazine by two security experts using a laptop and Wi-Fi to send code through a backdoor in the vehicle’s entertainment system forcing the moving Jeep Cherokee to a halt.
Last year, the same security experts, Charlie Miller and Chris Valasek, revealed 20 of the “most hackable” vehicles — putting the auto industry on notice.
The automaker announced Friday a recall of 1.4 million vehicles to ensure owners have updated security.
While hackers hijacking our cars is scary — there’s little that frightens us more than someone getting inside our homes, whether in person or through our technology.
Police in London, Ont., warned the public last Wednesday about a hacker taking control of a monitoring camera in a home as the parents were putting their two-year-old son to bed.
The boy’s father told CTV London it was obvious the family was being watched because he heard a man’s voice and eerie music.
The story received a lot of attention on social media because it was similar to the premiere episode of the TV series CSI Cyber where FBI agents investigate after a baby monitor is hacked and a young son is kidnapped.
While the episode is fiction, being vulnerable to cyberattacks or hacks at home is real.
Menary warns the security problems are far more widespread because many consumers leave the door open to their technology.
“It’s not just phones, iPads, cameras, it’s smart watches, alarm systems, A/Cs and heating controls and cars — all of this is or can be connected to the Internet,” Menary said.
Yahoo Canada News asked Menary for tips on how to prevent criminals from gaining access.
“We need to ensure that our privacy is protected, so when you are securing your Internet use a name for your network that can’t identify you,” he said.
“Every device should have a strong password, so avoid using telephone numbers, streets or nicknames.”
Menary lists some do’s and don’ts for passwords:
at least eight characters long;
does not contain your user name, real name or company name;
does not contain a complete word;
is significantly different from previous passwords;
contains characters from each of the following four categories, upper case, lower case, numbers and symbols.
Security flaws in surveillance cameras have been known for years. However the fault is not always in the manufacturing or the software. Often, consumers don’t bother changing the default password.
There are websites dedicated to showing the tens of thousands of cameras left unsecured for anyone to watch.
A quick search reveals lists of Canadian URLs where live cameras can be viewed. Many just show driveways, or the front door. However, others show unsuspecting people constantly in view, such as this gas station in Passmore, B.C.
Of course, hacking affects more than cars, cameras and devices. Hackers are also a very real threat to the security of nations.
This week, the federal government announced that Canada is spending up to $247 million to protect computers after a Chinese state-backed hacker broke into the National Research Council’s system last summer.
John Manley, CEO of the Canadian Council of Chief Executives, said this week that cyber security keeps Canada’s top bosses “awake at night.”
“The private sector is experiencing not occasional but regular, steady attacks on their cyber systems.”
For Menary, the answer is to remind yourself about information that needs to be protected, whether it is from a government agency, or a regular citizen.
“We now need to think beyond just locking our doors — it’s all about privacy.”