Smart Toy Vulnerabilities: The Dangers of Toy Hackers


Nowadays it seems like everything is becoming “smart” and every man and their dog wants you to download their app and sign up to their service. And, who can blame them? With the size of the tech market, and the capabilities of modern devices, there is huge scope for products to be made and for money to be earned. However, with tech capabilities come some rather grave risks.

Basically, anything that is connected to the internet can be hacked. It seems not to matter whether you have the best security in the world, someone can probably get in. Heightened security, however, does make it much harder to access devices. The only problem – higher security also equals higher cost.

Smart Toys have become a focal point for a lot of hackers, why? Because there is often next to no security, and due to their connection with apps can offer at the very least access to account information, but also a backdoor into your phone or connected device.

This is where this issue gets all the more sinister. Most smart toys on the market have incredibly good motives and some great learning tools for youngsters. For example, some can download customisable software to help teach your kids, where others allow you to record a message for your child via your phone which the child can then play by pressing the toy or record their own. That was the appeal of the recently hacked CloudPets range. But, when one considers that this means that hackers are able to store all of the messages kids have recorded as well as record their own and essentially have a conversation with your child through their toy, the idea becomes somewhat terrifying.

We have told you about the dangers of leaving your webcam uncovered and how that could potentially allow hackers to use your camera, and also the Kickstarter campaign aiming to put a halt to that. So, why are toy companies not doing something about this? Well, as mentioned before, the cost of having your own highly secure system is pretty substantial, and when dealing with a market where the material costs leave a relatively small profit margin it’s easy to see why companies shy away from shelling out large amounts of cash on cyber security.

How can I Prevent Smart Toy Hacking?

The quickest, easiest and only really 100% foolproof plan is to not have any toys that connect to the internet. If your toy isn’t connecting to the internet then it cannot be remotely accessed. US nuclear codes are kept on floppy disk for the same reason, so you’re in safe hands. Now, this doesn’t mean not buying any of these toys, but perhaps consider a toy that uses Bluetooth to interact with the smartphone, if it absolutely has to. The benefit to that is that for someone to intercept a Bluetooth signal they need to be within range, and for them to access the toy via your phone would mean being able to hack into your phone, which is far harder to do, and wouldn’t really reap any reward (if you are going to hack a phone).

The next step to take is to make sure your Wi-Fi connection is as secure as it possibly can be. This starts with not having a generic password and taking any other measures to make sure that the router the toy connects to is as secure as possible.

The scary reality about being online is that there is never any option to be 100% secure. That’s something we all have to stomach when being online, but to unnecessarily expose our children to the same risks is not the best way to bring children into an ever more tech-centric world. Most people aren’t aware of these risks and that is OK, but by taking the right steps it is relatively easy to make sure that all toys and games have the same level of protection as everything else. This starts with the toy companies, but if they are unable or unwilling to address their security issues then it is down to parents to be vigilant and well informed.

Be the first to comment

Leave a Reply

Your email address will not be published.