SALT LAKE CITY (KUTV) — Imagine a hacker breaking into your light bulbs or smart speaker to get at your personal information.
The list of smart devices connected to home Wi-Fi systems continues to grow, and some tech experts say they're more vulnerable to hacking than many people realize.
Think of all the items in your home that are connected to the internet: doorbell cameras, smart appliances, sprinkler systems, thermostats, etc. Techies call this the Internet of Things. But these devices are also said to gather information from the network, and some experts believe you shouldn't trust them all.
KUTV reported on hackers' newest favorite toy, Flipper Zero, showing how it can be used to clone key cards to open garage doors, while IT Now's Laird Peterson demonstrated how a hacker can use Flipper Zero to take over someone else's laptop.
Flipper was programmed to take control of a computer keyboard, open a notepad and type messages — not a difficult feat for a tech-savvy person like Peterson. Once this was accomplished, the hacker would have permanent access to the victim's network.
“As new vulnerabilities are discovered, it becomes easier to penetrate networks,” Peterson said.
Who creates these vulnerabilities? Every time we add a new device to our home Wi-Fi system, such as a smart speaker or smart light bulb, we create a vulnerability.
“The more connected devices you have, the more potential points of intrusion an attacker can have. At home, you should be wary of network-connected door locks and garage door openers,” said Mike Herrington, vice president of sales at IT Now.
Home Wi-Fi systems come with multiple networks: Your home computer and banking information should be on one network, and your smart speakers and other devices on another, but Herrington says most people don't do that.
Previous Report: Flipper Zero
“Many home users lack the skills and knowledge, or no one has advised them to consider this,” he said.
One of their customers had a printer hacked and all the collected data stolen.
“If it's not configured correctly, it could be a vulnerability,” Herrington said.
The issue, according to Philip Landrigan, a professor of electrical and computer engineering at Brigham Young University, is that a device is either completely trusted by a Wi-Fi network or not trusted at all.
“What if you gave a device partial trust, allowing it to send some data but not access the network or the internet?” he said.
Related: Smart tech already in use
Landrigan said many devices are equipped with Trojan sniffers that look for other connected devices.
“They may be searching Windows devices to see what vulnerabilities exist on them or if they've been updated recently,” Landrigan said.
Other devices, such as smart home hubs, use Raspberry Pis. His students connected the Raspberry Pi to a 3D printer, hacked into the network through the Raspberry Pi, and shut down the printer.
Landrigan said big name companies have safeguards in place on their devices to limit these kinds of hacks, but smaller companies might not be as trustworthy.
“I worry about devices from no-name companies that probably won't exist in a year's time. What are they doing?” he said.
Landrigan and his team developed a new internet safety protocol that allows devices to send limited data to the internet without connecting to the entire home network.
