Skip to Content

Networked Home Gadgets Offer Hackers New Opportunities

Connected appliances such as TVs can provide hackers a way into your house.
September 3, 2014

Connecting a new appliance to your home’s Wi-Fi network or broadband modem could increase the risk that data such as passwords will be taken from computers in your house. Such is the warning from antivirus company Kaspersky Lab in a forthcoming report on the side effects of more and more home devices being connected to the Internet.

By now most consumers are aware that security is a major problem for their laptops and PCs, says David Jacoby, a security researcher at Kaspersky Lab. But they don’t realize that appliances like TVs, DVD players, and printers that connect to a home network are vulnerable to similar threats. What’s more, most such devices have no security protections built in whatsoever, he says (see “Securing the Smart Home, from Toasters to Toilets”). “Consumers need to understand that the devices that they buy might be vulnerable,” says Jacoby.

Jacoby recently hacked several Internet-enabled devices connected to his own home network, including his TV, printer, router, and remote storage devices. He came up with a laundry list of flaws in several everyday products, and is working with manufacturers to fix them before making a report public to highlight the severity of the problem.

Jacoby is not detailing the brands and models of the devices he hacked yet until the manufacturers have installed fixes. But the worst offenders, he says, were two network-attached storage devices, which between them had 14 vulnerabilities. One of them was particularly easy to wrest remote control of because it had a default administrator password that was just the character “1.”

The storage devices fetch software updates from their manufacturer over the Internet. But Jacoby showed that feature could be exploited by someone outside his home to connect to any other device on his home network, including his laptop.

Jacoby also found that his smart TV didn’t use encryption when connecting to the Internet, meaning an attacker could intercept data such as payments being made to buy a movie. And his router had a vulnerability that could be used to make contact with any device on his home network.

A preliminary report on Jacoby’s domestic hacking spree can be found here. A fuller report naming the vendors should be forthcoming.

There is currently little evidence that many criminals or tech-savvy pranksters are stalking the Internet with a view to exploiting such flaws. But Marc Rogers, principal security researcher with mobile security company Lookout, says that this is likely to change as connected devices become more pervasive.

“Dealing with the privacy and security aspects of the Internet of things is going to be one of the biggest challenges we have faced in security for a long time,” he says. “We are wearing it and installing it throughout our living spaces and other places where technology has not usually had the opportunity to go.”

Rogers says that many of the features of security software standard on traditional computing devices, such as laptops and smartphones, could also defend these newer devices. However, so far those techniques aren’t being used on the new wave of networked home devices, says Jacoby. “Nobody is doing anything at all about them.”

The best solution for many devices would be to not give them the ability to connect to the Internet at all, he says.

Such restraint seems unlikely, with manufacturers seeing Internet connectivity as a way to differentiate their products. Cisco recently estimated that today there are 10 billion connected devices in homes and offices and that the figure will reach 50 billion by 2020.

Keep Reading

Most Popular

Geoffrey Hinton tells us why he’s now scared of the tech he helped build

“I have suddenly switched my views on whether these things are going to be more intelligent than us.”

ChatGPT is going to change education, not destroy it

The narrative around cheating students doesn’t tell the whole story. Meet the teachers who think generative AI could actually make learning better.

Meet the people who use Notion to plan their whole lives

The workplace tool’s appeal extends far beyond organizing work projects. Many users find it’s just as useful for managing their free time.

Learning to code isn’t enough

Historically, learn-to-code efforts have provided opportunities for the few, but new efforts are aiming to be inclusive.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.