The fragility of IoT revealed by an 11-year-old child
Reuben Paul, who is just 11 years old, showed us how a teddy bear could be hacked. During the international security conference that took place in The Hague, he left everyone speechless when he accessed the devices of people in the room through Bluetooth to manipulate his teddy, Bob, and was able to access the cloud via WiFi and Bluetooth. By using a Raspberry Pi (a micro-computer well known among geeks) and Python, he found smartphones in the crowd with activated Bluetooth, recovered telephone numbers, connected one of the devices to the teddy and, by taking control of the lights, he was able to send a message. He showed experts how this type of toy can be a double-edged sword.
“From airplanes to automobiles, from smartphones to smart homes, anything or any toy can be part of the Internet of Things (IOT)…From terminators to teddy bears, anything or any toy can be weaponized.”
#internetoftoys or #internetofthreats? Reuben Paul 11 yrs.) tells us at #NLcyber how it is. @ncsc_nl pic.twitter.com/hDstEWlOiZ
— Joost vander Vleuten (@BruJoost)
May 16, 2017
In some countries, like Germany for example, this type of toy is prohibited. However, the point is: the experiment carried out on the teddy can be carried out on a refrigerator, a thermostat or any other type of connected device. Thanks to Bluetooth and WiFi, any IoT-connected device can be used to access our information. Of course, Reuben Paul isn’t just any child (he created the CyberShaolin Association to inform children and adults on security) but it’s worth asking questions about security for smart home devices.
Guest network: a solution to secure your smart home
What can you do to stop the worst from happening? Securing your WiFi network is important to guarantee the security of your personal information. Opt for a router that has a guest network. This way, you can create two different WiFi networks, so you can connect your nearby IoT devices to one, and carry out your online payments and keep an eye on your bank account with the other one. You can also have a network just for your use, and keep another one available for your parents’ or friends’ devices when they visit, so you don’t lose your sensitive data.
Creating a guest network is the first essential step for securing your information.
Guest networks are networks that, through different SSIDs and certain access restrictions, allow you to better protect your information by using your own domestic network. This type of network offers different security settings in order to not allow clients to access a router or your private devices. In short, these networks are the first essential step to secure the network so you can sleep at night, and they are very easy to install.
To create two networks, you’ll need a router that supports this feature. There are many of them on the market, but keep in mind that the router your service provider may have given you isn’t likely to. To guarantee that your router supports this feature, check on the website of, or the instruction manual from, the manufacturer.
How to create a guest network
If you have a router at home that supports a guest network, follow these steps:
- Enter the IP address for the router into your browser and enter your username and password.
- Find the guest network settings (often called “Guest Zone” or “Multiple SSID”).
- Activate it and enter your SSID identifier for the guest network.
- In the security settings, select the guest network, establish a security method and enter your password.
- Save and wait several minutes for the router to restart.
Check the available networks: you should see the new network that you created. Now, you just need to save the password for the network that you want to keep private for your own use, and share the password for the second network with your guests, which will also be connected to nearby IoT devices which, due to their vulnerability, can be more easily hacked.
If you have a router that doesn’t support a guest network, you can connect a hotspot or another router to have a second available network. For increased security, the best solution would be to create three different networks: one for your private devices (such as your PC and smartphone, for example), one for your IoT devices and one for guests.
We often underestimate the importance of regularly changing passwords for devices and online services.
What do you think?
Given that your smart home and your information is secured through your network, don’t forget to:
- Change the default password and replace it with another that is harder to guess (this seems obvious but, often with smartphones, many people choose passwords such as 1234 or 0000).
- Change your network password regularly.
- Change the name of your network (but don’t include your name with your date of birth, for example).
In addition, speaking of IoT, it’s important to use secure devices (avoid unknown and cheap brands) and keep your software up to date.
Do you use a guest network at home?
A happiness because you have visited our site page Protect your smart home by securing your WiFi network