Published on July 16th, 2019 📆 | 3492 Views ⚑0
Now the hackers are coming for your toothbrush
Cracking the sort of microcontrollers that direct everything from fridges to pacemakers help students develop the skills to thwart hackers.
Everything from your toothbrush to your pacemaker can be hacked, and it’s a reality we should prepare for, says a leading Waikato University cybersecurity expert.
“They may not be connected to the internet in the same way as a smart phone is, but you can find a chain of connection and that is going to be a really big problem in the future,” said Dr Vimal Kumar.
“So before we get there, we want to make people aware that there are risks.”
Dr Kumar, who teaches computer science at the University of Waikato, wants to raise awareness about how information from devices that we trust to monitor our lives can be accessed.
* Your smartwatch can pose a security risk at work
* FBI warns parents about dangers of internet-connected toys
* Automakers rush to add wireless features, leaving cars open to hackers
In 2012,TV spy show Homeland depicted a US vice-president’s assassination after his pacemaker was accessed remotely.
“There hasn’t been a reported attack in the real world on a pacemaker so far,” said Dr Kumar. “But researchers have demonstrated many times that such an attack is a real possibility.”
Pacemakers are “hackable” because they contain a microcontroller, a small chip that acts like a computer with the ability to control other sensors and devices.
In theory hackers could remotely order the device to malfunction meaning the pacemaker may deliver shocks to a heart that doesn’t need it, and withhold an electrical pulse from a heart that needs the pacemaker’s help.
Dr Kumar is concerned that the connectivity of devices containing microcontrollers may become a cybersecurity risk to those who depend on them.
That’s why he invited teenage hackers and industry professionals to try their hand at accessing microcontrollers.
Over the weekend, Dr Kumar and his team hosted the 2019 New Zealand Cybersecurity Conference at the University of Waikato with the challenge this year being themed around the “Internet of Things”, or IoT.
“The Internet of Things is about everyday smart devices,” explained Dr Kumar.
He said the microcontroller in your new Samsung fridge or even Bluetooth-enabled toothbrush is what makes it “smart” but also vulnerable.
“The devices can be hacked and controlled from outside as some manufacturers do not use appropriate security.
“Smart devices are connected to us in multiple different ways, either by Bluetooth or wifi, which makes our lives easier but because they’re connected, there’s a possibility of these being hacked and our personal data being used.”
In the IoT challenge, teams of three were tasked with learning how to intercept and change the instructions between two thumb-sized microcontrollers , explained Honours student Sacha Raman.
“One of them sent instructions to the other one on how to turn on and off its light, and the aim of this challenge was to hack one of the (microcontrollers) to make it do something different.”
Dr Kumar said running activities like the IoT challenge, that encourage people in the industry to learn how hackers can access these devices, will help combat the malicious use of hacked data.
“In order for police to be effective, they need to understand how the criminals work.