Scotland

You'd better watch out for hackable toys says expert

teddy bear
Image caption Cloudpets say they are always improving their products to combat new vulnerabilities

A leading cyber-security expert says parents must become much more tech savvy to stop hackers turning toys against their children.

Professor Bill Buchanan, of Edinburgh Napier University, studies threat analysis, cryptography and digital forensics.

He also hacks internet-connected toys to highlight the possible pitfalls.

Prof Buchanan said: "We are part of the internet and we need to understand the risks that we face."

The number of internet-connected toys has grown rapidly in recent years.

Internet of things

But in common with much of the so-called "Internet of Things", cyber-security has been left rushing to catch up.

To illustrate the problem, Prof Buchanan is talking to Trent the teddy bear.

Image caption A red heart in Trent's chest indicates that a message has arrived

Trent is brown and cuddly and has a little red heart on his chest.

A digital app allows a doting parent to remotely record a message from their mobile phone for Trent to pass on to their child.

Because Trent is a connected toy, his little red heart flashes when the message arrives.

The child presses the bear's paw and the parent's message plays from its speaker.

Image caption Prof Buchanan can hack toys to highlight the dangers

What could possibly go wrong?

The professor can hack the link.

Without giving too much away, you have to be within range of the bear to do it.

A few taps of the keyboard and some specially-written code is running.

A browser interface gives him control of how fast Trent's heart beats and - crucially - the ability to slot his own audio message into Trent's circuitry.

Image caption A digital app allows a parent to remotely record a message from their mobile phone

-

Which is why the cute wee thing begins shouting like a Dalek: "ANNIHILATE! EXTERMINATE! DESTROY!"

One senses this is not the sort of unauthorised message Junior would appreciate.

CloudPets, who make this particular teddy, say they're always improving their products to combat new vulnerabilities.

And they say they use a proprietary audio format that is hardware-encrypted.

Given that Prof Buchanan is an expert in this sort of thing, you might conclude that if anyone was able to do it, it would be him.

Image caption Prof Buchanan was able to put his own message into the toy's circuitry

But he's warning this is a game anyone can play because less ethical hackers will not just find any weakness, they'll post it on the web for anyone to replicate.

And as the number of connected toys grows, the number of possible hacks is growing too.

He says that means parents must be as vigilant as the toymakers.

Prof Buchanan says: "They need to be understanding of the toys that they're actually buying.

"The minute a toy connects to the internet - that's really got to be a worry."

Image caption CloudPets says they use a proprietary audio format that is hardware-encrypted.

How bad could it get?

Earlier this year the German authorities advised parents to destroy one model of internet-connected doll because it could reveal personal data.

But it's not just toys.

You might imagine an internet-connected security camera would make you more secure.

Many of them do. But not the model Prof Buchanan has hacked.

Back door

That is why we are sitting in the professor's office having a look into his front room at home.

The camera has a back door through which a hacker can take control.

Image caption Less ethical hackers will find a weakness and post it on the web

It also lacks a lockout - a feature which will prevent someone from making more than a given number of attempts to guess the correct username-password combination.

In fact, they don't even need to guess.

There are programs out there which will do the guesswork for you, cycling through the most common possibilities.

In this case, one such program takes a few seconds to discover that the winning combination is "admin" and "123456".

It underlines that, wherever possible, the proud new owner of a connected piece of kit should consider such security basics as changing the default password.

There is more at stake here than the ability of a hacker to watch you and criticise the d├ęcor of your lounge.

Image copyright Getty Images
Image caption The My Friend Cayla doll has been shown in the past to be hackable

Other connected cameras have been used not just to spy but to stage massive cyber attacks.

The professor says the Internet of Things is reaching into every aspect of our lives.

He says: "We see smart fridges, we might even see smart toasters.

"But your TV is now smart - your TV connects to the internet. Your TV can listen to you and make sense of what you're actually saying.

"So the opportunities for intruders to spy on you increase by the day."

Wrong hands

Prof Buchanan adds: "Everyone needs to become much more tech savvy and understand when someone might be doing someone against them."

Toys, cameras, fridges, TVs. What other devices might fall into the wrong hands?

Image caption A wi-fi connected kettle is a thing in the Internet of Things

Your car, perhaps. If you don't own a connected car already, your next model may be able to tell who is driving, how fast you are going - even what music you're listening to.

And for those of you who just can't wait for a cuppa when you get home, there are digitally-connected kettles.

Yes, kettles are a thing on the Internet of Things.

An app allows you start the kettle boiling while you're still on the way home (or just too cosy to get out of bed for another couple of minutes).

Image caption Internet-connected cameras have been used to spy and stage cyber-attacks

Bill Buchanan has an early model of such a kettle which is an example of the threat posed when the buyer has not changed the password.

"The default password is 000000," he says.

"This particular kettle gives away your wi-fi password for your home wireless network."

The kettle's manufacturers say that's an old version, and it's since been updated to remove the issue - and the ones currently available are safe and secure.

All this underlines the -`fact that if something is connected to the internet, someone is going to have a crack at it.

The Internet of Thin41gs is a new frontier. And just like in the Wild West before it, the guys in black hats tend to have their fun before the lawmen turn up.

More on this story