Be Aware of Unsecured IoT Toys this Christmas


13 Dec 2016

Be Aware of Unsecured IoT Toys this Christmas

By Tony Daly –Cyber Security Consultant at PGI

It is that time of the year again when parents and Santa are inundated with requests for presents from their loved ones – apparently, Santa is delivering a Paw Patrol scooter to a very excited toddler in our household this year.

If you sit down and watch children’s television at this time of the year you would be under the impression that you are not watching children’s television but in fact non-stop advertisements.

However, those of you with older children may be hounded by requests for more advanced toys. It is probably fair to say that some children are more digitally adept than their parents and thus will want the latest must-have gadget. Inevitably, a lot of these devices will be internet connected and these can bring additional risks.

Are you aware of these risks?  

This is where the Internet of Things (IoT) rears its head.  There are massive benefits to having IoT connected devices and yet there are severe pitfalls which currently revolve around the issues of privacy and security.

There have been several high-profile incidents in the media in the past month or so where IoT devices have been exploited and used to carry out Distributed Denial of Service (DDoS) attacks against multiple targets.

Parents would never deliberately place their children in harm’s way in normal day-to-day activities, yet when it comes to Christmas and Birthday presents, we tend to cave in (or grandparents end up spoiling them) to their demands without doing due diligence on these toys. If someone told you in the mid 1990’s that your children would be able to play with toys that anyone across the world would be to communicate via, then you would not believe them.

A toy manufacturer, Mattel, got caught out in 2015 when one of their products, Hello Barbie, was discovered by a U.S. based security researcher to be susceptible to hacking. An attacker could gain full access to the microphone – hardly a suitable toy for your children. Economics plays a big part in deciding whether security is baked into the design of a device or is added as an afterthought and unfortunately, it would appear the latter category is the go-to option.

What’s the point of this article you may ask? It’s not designed to alarm you but to merely highlight to those of you who are purchasing internet connected devices and toys that you do your due diligence on your toy of choice, be aware of the risks involved and observe how your children interact with these toys and devices.

The saving grace is that when children get bored of their toys and resort to playing with the packaging instead, there will be no risk of hackers exploiting cardboard boxes. Although I can’t guarantee that answer will still be the same in years to come.

For the latest PGI updates like our pages on LinkedIn – PGIPGI Cyber , Facebook – PGIPGI Cyberand Twitter

Share this article

Contact us

Call us now to discuss your requirements with one of our consultants.

Contact us today

Related News

CISMP, CISSP and CISM - what's in an acronym?

20 Mar 2017

There is a wide range of different security courses available, and a mind-boggling array of certific...

Watch Video

International Womens Day - Pioneering Women in Tec...

08 Mar 2017

Pioneering Women in Technology – Katherine JohnsonThe Oscar season has been and gone. The...

Watch Video

Law Firms and why they need cyber security

06 Mar 2017

Suffering a data breach can be devastating for any company but for law firms the impacts can be part...

Watch Video
Back to the News Hub

Follow us

+44 (0)207 887 2699
©2017 PGI - Protection Group International Ltd. All rights reserved.
PGI - Protection Group International Ltd is registered in England & Wales, reg. no. 07967865
Registered address: Cascades 1, 1190 Park Avenue, Aztec W, Almondsbury, Bristol BS32 4FP