How secure are the passwords you use to access your banking or investment data? A recent article in Forbes magazine surveyed security company SplashData’s password dumps, looking for the world’s most common—and, therefore, easiest to guess—passwords. This is a big problem; SplashData estimates that just over 10% of people use at least one of the 25 most common passwords. Guess which words hackers and cyberthieves are going to guess first when they try to hack into the account that contains your banking information?
You undoubtedly know that hackers are everywhere these days, including openly operating in Moscow near the government offices and inside the Chinese military. You probably have virus and malware protection on your computer, and you know not to click on suspicious links sent by email.
But an interesting new vulnerability is emerging which you may soon be hearing more about: internet-connected toys.
A recent article in Forbes magazine reports on what a group of professional hackers found when they tried to sneak into smartphones connected to the Hello Barbie toy that will undoubtedly be a popular gift this holiday season.
The toy records kids’ conversations through the phone, and uses artificial intelligence to build that data into semi-realistic conversations with the toy’s owners. The Hello Barbie app connects to your phone through your home Wi-Fi network, but it also connects, automatically, to any Wi-Fi network that has the word “Barbie” in the name. All the professional hackers had to do was set up another Barbie Wi-Fi hub, wait for the toy to automatically connect, and they could pilfer data from the phone at will.
In addition, the Hello Barbie apps proved to be vulnerable to so-called POODLE attacks, which let hackers intercept traffic between the phone and the servers at doll manufacturer ToyTalk.
Would hackers really target a toy? Last month, a Hong Kong-based firm called VTech was hacked through its own kids product, the InnoTab tablet. The result: the theft of information on 6.4 million children and 4.8 million adults.
About the Author: Bob Veres has been a commentator, author and consultant in the financial services industry for more than 20 years. Over his 20-year career in the financial services world, Mr. Veres has worked as editor of Financial Planning magazine; as a contributing editor to the Journal of Financial Planning; as a columnist and editor-at-large of Dow Jones Investment Advisor magazine; and as editor of Morningstar’s advisor web site: MorningstarAdvisor.com.
Mr. Veres has been named one of the most influential people in the financial planning profession by Investment Advisor magazine and Financial Planning magazine, was granted the NAPFA Special Achievement Award by the National Association of Personal Financial Advisors, and most recently the Heart of Financial Planning Distinguished Service Award from the Denver-based Financial Planning Association.
Hello Barbie iOS and Android apps used to manage the device are vulnerable, researchers claim. Connected toys in general are something of a security nightmare…