Be Aware of Unsecured IoT Toys this Christmas

13 Dec 2016

Be Aware of Unsecured IoT Toys this Christmas

By Tony Daly –Cyber Security Consultant at PGI

It is that time of the year again when parents and Santa are inundated with requests for presents from their loved ones – apparently, Santa is delivering a Paw Patrol scooter to a very excited toddler in our household this year.

If you sit down and watch children’s television at this time of the year you would be under the impression that you are not watching children’s television but in fact non-stop advertisements.

However, those of you with older children may be hounded by requests for more advanced toys. It is probably fair to say that some children are more digitally adept than their parents and thus will want the latest must-have gadget. Inevitably, a lot of these devices will be internet connected and these can bring additional risks.

Are you aware of these risks?  

This is where the Internet of Things (IoT) rears its head.  There are massive benefits to having IoT connected devices and yet there are severe pitfalls which currently revolve around the issues of privacy and security.

There have been several high-profile incidents in the media in the past month or so where IoT devices have been exploited and used to carry out Distributed Denial of Service (DDoS) attacks against multiple targets.

Parents would never deliberately place their children in harm’s way in normal day-to-day activities, yet when it comes to Christmas and Birthday presents, we tend to cave in (or grandparents end up spoiling them) to their demands without doing due diligence on these toys. If someone told you in the mid 1990’s that your children would be able to play with toys that anyone across the world would be to communicate via, then you would not believe them.

A toy manufacturer, Mattel, got caught out in 2015 when one of their products, Hello Barbie, was discovered by a U.S. based security researcher to be susceptible to hacking. An attacker could gain full access to the microphone – hardly a suitable toy for your children. Economics plays a big part in deciding whether security is baked into the design of a device or is added as an afterthought and unfortunately, it would appear the latter category is the go-to option.

What’s the point of this article you may ask? It’s not designed to alarm you but to merely highlight to those of you who are purchasing internet connected devices and toys that you do your due diligence on your toy of choice, be aware of the risks involved and observe how your children interact with these toys and devices.

The saving grace is that when children get bored of their toys and resort to playing with the packaging instead, there will be no risk of hackers exploiting cardboard boxes. Although I can’t guarantee that answer will still be the same in years to come.

For the latest PGI updates like our pages on LinkedIn – PGIPGI Cyber , Facebook – PGIPGI Cyberand Twitter

Share this article


Your free global geopolitical
risk dashboard

PGI’s Risk Portal tool provides daily intelligence feeds, country threat assessments and analytical insights, enabling clients to track, understand and navigate geopolitical threats.

The Risk Portal gives users up-to-date information and analysis on global affairs.

The Risk Portal allows users to visualise information in a unique and instantly understandable way. Mapping filters enable the visualisation of incidents by threat category, time period, perpetrator and target type.

Risk Portal users can upgrade their accounts to include the Report Builder and Country Profile Generator features. The Report Builder allows users to select information, data and images from the Risk Portal and create bespoke reports and emails.

Subscribers to PGI’s Bespoke services receive tailored analysis on specific sectors and geographies of interest, delivered at a frequency they determine.

Visit the Risk Portal

Subscribe to our Cyber Bytes Newsletter

Keep yourself in the loop with PGI by signing up to our Monthly Cyber Bytes email. You will receive updates, tips and narrative around what has been happening in the world of information security.

Get in touch today

For more information on how we can help you or your business, please contact us via:

Related News

CISMP, CISSP and CISM - what's in an acronym?

20 Mar 2017

There is a wide range of different security courses available, and a mind-boggling array of certific...

Read news article

International Womens Day - Pioneering Women in Tec...

08 Mar 2017

Pioneering Women in Technology – Katherine JohnsonThe Oscar season has been and gone. The...

Read news article

Law Firms and why they need cyber security

06 Mar 2017

Suffering a data breach can be devastating for any company but for law firms the impacts can be part...

Read news article
Back to the News Hub

Follow us

+44 (0)207 887 2699
©2017 PGI - Protection Group International Ltd. All rights reserved.
PGI - Protection Group International Ltd is registered in England & Wales, reg. no. 07967865
Registered address: Cascades 1, 1190 Park Avenue, Aztec W, Almondsbury, Bristol BS32 4FP