Remember
when we only had to worry about our computer being hacked? Those were the days.
Unfortunately, as technology improves and an ever-increasing number
of otherwise mundane devices are outfitted with microchips and wireless
connections, we’ve also seen a rise in security vulnerabilities in everything
from mobile phones to pacemakers. And now, sadly (or hilariously), even our
toilets aren’t safe.
Security
company Trustwave issued an advisory last week that LIXIL’s Satis line of smart
toilets is vulnerable to hackers with a penchant for pranks. Among the many
vital features of the toilets are the capabilities to play music, raise the lid,
flush, and operate the bidet with a Bluetooth connection and an Android app.
Unfortunately for the unsuspecting toilet enthusiast, LIXIL hard-coded the
Bluetooth PIN “0000” into all of their toilets. This means that any
ne’er-do-well with a smartphone can download the “My Satis” app and control any
Satis toilet.
An attacker could simply download the
"My Satis" application and use it to cause the toilet to repeatedly
flush, raising the water usage and therefore utility cost to its owner. Attackers could cause the unit to
unexpectedly open/close the lid, activate bidet or air-dry functions, causing
discomfort or distress to user. [Trustwave]
Here
at SumRando, we’re wondering why anyone would need to remotely access a toilet.
Perhaps they just like a fresh bowl?
And
while hacking a toilet may be laughable for the security-minded (or anyone),
the widespread neglect of basic security precautions in non-traditional
wireless devices is a serious issue. Things like computer-controlled power
grids, remote-controlled pacemakers, and digital medical records have
dramatically improve our quality of life through greater efficiency and
accuracy. But as we increase our connectedness, we also open ourselves up to
substantial risk. Moving forward, it is essential that we include security and
privacy in any discussion relating to technology. Unless we establish and
prioritise cybersecurity best practices, we could find our progress flushed
down the tubes.
No comments:
Post a Comment