Not-So-Smart Samsung Refrigerator Vulnerable to Hacking
Security researchers grab Google passwords, highlighting new risks from the Internet of Things
Security wouldn't seem like a big worry with Internet-connected refrigerators. After all, what's the worst that can happen if your smart fridge gets hacked—melted ice cream? However, now researchers have reported a serious vulnerability in Samsung refrigerators, one that allowed them to steal users' Google log-in credentials.
The researchers were taking part in a challenge—set up by Samsung itself—to hack into a RF28HMELBSR smart fridge during the DEFCON hacking conference held in Las Vegas earlier this month. Samsung’s smart-fridge technology connects the appliance via Wi-Fi to various apps, including Google Calendar. The researchers, who work at a U.K. cybersecurity firm called Pen Test Partners, discovered that the fridge didn’t validate SSL certificates, a security-authenticating device, when it connected to remote servers such as Google's. And that left users vulnerable to having their credentials stolen by anyone able to access their Wi-Fi networks.
Worried about getting hacked?
Tell us in the comments below.
Samsung released a software update on August 25 meant to plug the vulnerability. According to the company, refrigerators will be updated automatically when they are connected to a network. Now, there's no evidence that such a hack has occurred in Samsung refrigerators out in the real world, but the incident does highlight some of the security and privacy challenges posed by the Internet of Things, which encompasses everything from smart door locks to Internet-connected TVs to self-programming thermostats. If you own smart appliances, there are a few things you can do to increase your safety.
First, make sure your router has WPA2 encryption enabled, so the hacker can't "sniff" the password and connect directly to your Wi-Fi. Also, the weaker the connection between your router and the smart device, the easier it is to break into your Wi-Fi network. So, if possible, place your router close to your smart device. Use strong passwords on devices such as security cameras. And, finally, make sure the benefits of Internet connectivity are things that matter to you—if you don't care about a Google calendar appearing on the door of the refrigerator, simply don't connect the appliance to your network.