Are Your Smart Appliances Spying On You?

And so, the season starts. Which one is it that we’re referring to? Cyber Monday, Black Friday, Prime Day…all of these sales tend to lean towards exceptional deals on electronics, and today that means the “smartest” of appliances are being purchased and set up in our homes.

By getting the latest and greatest, are we inadvertently putting a spy in our home? Do smart appliances have the ability to hear and see what we are doing?

The answer is a little complex, but there are aspects of these devices that all consumers should be aware of.

First, these are not designed to spy on you.  But when you allow access to any program, person, or company into how you live and work, you are providing them with data.  This is not new.  Every time you check a box or fill out a form…whether it be at the doctor’s office or on your smartphone, you are providing data.  That data is used to learn habits, tendencies, behaviors, choices, and a variety of other things that are then used in marketing and consumer research.  These “smart appliances” are not doing anything new.

What they are doing is creating a portal of entry to themselves that hackers may access to manipulate you.  An extreme example of this was when Martin Hron hacked into a smart coffee maker to use the machine to demand money.  It should be noted that the company has since updated its security measures.

Google Home device and smart phone

What About That Assistant?

Products like Amazon Alexa and Echo, Apple’s Siri, and Google Assistant use ‘wake words’ to activate and ready themselves for a reaction.  It was originally thought that ONLY after the wake word was said, your conversation was recorded, but it was discovered that they are generally listening all of the time when turned on.  Yes, you can modify your files, but the data remains somewhere and is being used by someone.

While your refrigerator may provide online access, what information is available will vary with how you use it, and what the capabilities are.  We can go down a rabbit hole of what-if scenarios with the Internet of Things (IoT), but what we should address above all, is the human factor in all of it.  When you register your device and create that online account – even if you do NOT use the Wi-Fi capabilities that come with your kitchen or smart tv devices, you are providing hackers with account credentials.

“Who is going to hack my stove account and who cares if they do? Good, I hope they cook me dinner…”

It’s not that simple.

Your simple username and password combo could be compromised, leading hackers to find out far more information than what your last meal was.  It isn’t that data that they want, it is the credit card that is stored to linked accounts, or the password that gets them into your bank that is the same as your dishwasher registration.

Collecting data is one thing that you should be aware of, but if you are worried about one platform, you should be aware of all of the platforms that provide access.  However, collecting credentials is a whole other beast that you really need to be aware of above everything else.

Want more cybersecurity tips to help keep your business safe & secure? Sign up for our email newsletter and have new articles & tips delivered straight to your inbox monthly.

Posted in

Tracy Hardin

Tracy Hardin is President and founder of Next Century Technologies in Lexington, KY. She has a bachelor's degree in computer science from the University of Kentucky and has earned certifications from Novell, Cisco and CompTIA. Her specialties in the field of IT are network design and security, project management and improving productivity through technology. She loves helping people by sharing her knowledge of tech.