The IoT security is much-debated topic that needs more attention in near future. It might seem convenient to connect your all home devices to the internet and track them on the move. But, it should be noted that it’s possible that your favorite home-gizmo is spilling your secrets.
For example, take the humble tea kettle boiling a nice cuppa for you. A security researcher in England has been hacking into the smart iKettles all across the country and cracking the private WiFi passwords.
“If you haven’t configured the kettle, it’s trivially easy for hackers to find your house and take over your kettle,” says Ken Munro, a researcher with Pen Test Partners.
The iKettle is actually a ‘smart’ kettle that can be turned on using a smartphone app. But, these smart kettles are reportedly ‘insecure’ if not configured properly and could cause a WiFi kettle hack.
He cracked the home WiFi passwords “easily” and explains the process of WiFi kettle hack: “Attackers will need to setup a malicious network with the same SSID but with a stronger signal that the iKettle connects to before sending a disassociation packet that will cause the device to drop its wireless link.”
So, a skillful hacker can just sit outside your home with an antenna pointed towards the home, boot the kettle off its access point and connect it to his device. Now he can easily steal your passwords in plain text to execute this WiFi kettle hack.
Munro says the security of the Internet of Thing devices is “utterly bananas” and some urgent steps are the need of the hour.
Watch the video below where the WiFi kettle hack is explained: