But how would a hacker get in? If your home is protected through an X10 automation system, for example, the answer lies in the power lines. Last month, two security researchers went to a convention in Vegas and showed off tools they'd created that could tap into the power lines that home automation systems use to communicate. From there, hackers could monitor the house lights to see when occupants were away, jam alarm signals, block alerts to police and fire departments, disable motion sensors or even just overload the system with a flood of commands.
If all that seems far too complicated for a novice hacker, why not just sneak in through the automatic garage door? This was much easier years ago, when garage door locks used a PIN code set on the remote and garage door control. But even today's newer systems using what's called an IperCODE are fairly easy to get around, as evidenced by the sheer number of hacking products that come up under a simple search engine query for IperCODE.
"While it offers more protection, it too has been hacked," says Michael Gregg, the chief operating officer of Superior Solutions. "There are programs (not in the Apple Store) that can create rolling codes to attempt to pair with the garage door and obtain access."
Once you're in the garage, it gets much easier to access . . .
Slim jims, wire hangers, bashed windows? These are the methods cavemen use to break into and steal cars. Today, it's a lot less messy and labor-intensive.
"Beyond the TV, we think the car is the next connected platform," Mocana's Turner says. "It is security services, diagnostic services and entertainment services, and there's a lot of promise for these systems to communicate with each other."
Five years ago, cybercriminals stole two of soccer superstar David Beckham's BMW X5s by using a laptop and transmitter to unlock them and activate the ignition. A jammer is placed close to the car and prevents the owner from being able to remotely lock or unlock it, while a scanner rolls through all possible codes looking for a match. As there are about 3 billion codes, the 10- to 15-minute process still isn't the most effective way for hackers to break into an automobile.
Given the other, potentially deadlier options, car owners should feel lucky if only their locks and starter are hacked. Car dealerships are more commonly using remote vehicle-immobilization systems to cut the ignition or repeatedly honk the horns of cars whose owners aren't paying in a timely fashion. A recently laid-off worker at an Austin, Texas-area dealership hacked into his former employer's records, began tampering with payment information and disabled 100 cars before the dealership reset all employee passwords and police traced the employee's IP address.
Even that seems like a prank compared with what scientists from the University of California and the University of Washington were able to do with cars last year: hack a car's computer through wireless connections similar to General Motors' OnStar system, control the car while it was in motion, apply the brakes, selectively brake each wheel to steer, and shut down the engine completely. They were also able to shut down the brake and accelerator completely so the driver would have no control whatsoever -- then removed malware once the vehicle had crashed.
"To date, automotive systems have not been widely targeted, primarily because attackers like to go where there is access to money or sensitive data," Superior Solutions' Gregg says. "There's no big monetary prize in attacking such devices. However, many of these products are relying on security by obscurity."
Basically, automakers are just hoping hackers won't spend the time or effort to figure out that cars can be hacked through tire pressure monitors, as researchers from Rutgers University and the University of South Carolina discovered last year, or through Bluetooth connections and music files, as the same University of Washington and University of California researchers found earlier this year.
"There's a lot of discussion about the car systems and entertainment systems being on separate buses within the car, so if someone breaks through via a browser-based or entertainment-based system, they won't be able to set off the airbags or muck with the brakes," Mocana's Turner says.
But even hacking your car, cutting the brakes and setting up a potentially fatal crash seems less direct than remotely pulling the plug on . . .
Yeah, that pacemaker that keeps your heart going, or that defibrillator that gives Grandpa a jolt if his heart stops, or that insulin pump that keeps your diabetic sibling stable -- it's all completely hackable.
"These devices also send data to the outside world by means of radio frequency communication, which could allow someone to send rogue instructions to an implanted device by intercepting the device's wireless signal and then broadcasting a different signal," Superior Solutions' Gregg says. "When a computer fails, you reboot it, but when a pacemaker fails, someone could die."
He's not kidding, and researchers, lawmakers and the Federal Drug Administration aren't laughing. In June, the FDA stopped treating medical device software updates as accessories that required weeks or months of premarket approval processes and started treating them as patches critical to the safety of patients that need to be released immediately. Just last month, researchers at the Massachusetts Institute of Technology and the University of Massachusetts Amherst proposed a method for jamming foreign signals that could shut down defibrillators and prompted members of the House Energy and Commerce Committee to call for hearings on the safety of these devices.
"What's different about this era of computing is that a lot of these devices are going into critical context, and then this data that's moving across them is becoming more valuable, whether you're talking about a handset with enterprise data or a medical device that's in the field," Mocana's Turner says. "Unfortunately, these systems are so porous today that bad things will happen, and there will be physical consequences because of the nature of the devices."
At the very least, Turner insists that vulnerability will lead to lawsuits that will push insurance companies to enact a universal, manufacturer-neutral set of guidelines for securing these devices before they can be covered. In the worst-case scenario, however, a hacker's keyboard becames a deadly weapon.
"While this may seem far-fetched, attackers will always think outside the box," Gregg says. "Such attacks could be of interest to terrorists or others looking to target government officials or military leaders."
This article was reported by Jason Notte for the Street.
VIDEO ON MSN MONEY
Hacking is a problem because of all the holes and backdoors microsoft leaves in its OS. Holes that are mandated by the government. The government doesnt want our systems to be hack proof. Because they are the biggest hackers of them all.
You make a hack proof OS, and I guarantee the government would outlaw it.
Makes me kind of glad I drive a car that pre-dates computerization all together.
No one's thoughts are private.
Have your door locks changed once by a locksmith and someone can be taking a peek inside your home within a week. The locksmiths have had their brains pick-able for the last decade too.
Everyone and their brother knows your SS#, DOB, full name, mother's maiden, account numbers and past addresses.
Oh yeah, the govt knows. Some politicians must be getting huge kickbacks from the pharmaceutical industry. Their greed is going to ruin Social Security by bothering so many people with the voices. The victims just want to work, enjoy a few luxuries and be left alone but they are tortured instead.
Now the shrinks say anyone is capable of hearing the voices at any time, so you bet someone can take a look at anyone, anytime and anywhere. Your bank deposit and even your bedroom are not private.
Psychiatry is a sleazy profession, just like politics.
Just maybe we should have left things the way they were, no computers(control circuit boards) in washers, refrigerators, TVs, cars, and other appliances. This technology is too easily hacked.
Hopefully, my TV won't order a good movie, or sports pay per view when I'm not home and my refrigerator order a twelve pack of beer to drink while watching the TV event... They can at least wait till I'm home.....
The other day a hacker "hacked" my dog and made him take a dump on my wife's favorite rug. When will the govt. finally start doing something!
Oh you mean the music that was originally STARTED by black people? Let me know if you would like another cup of owned, sir.
Says the guy that posted this using a computer networking system...Unless you live in the boonies and / or like a mormon in Va, your post holds no weight. Even using electricity is using technology.
Copyright © 2014 Microsoft. All rights reserved.
Fundamental company data and historical chart data provided by Morningstar Inc. Real-time index quotes and delayed quotes supplied by Morningstar Inc. Quotes delayed by up to 15 minutes, except where indicated otherwise. Fund summary, fund performance and dividend data provided by Morningstar Inc. Analyst recommendations provided by Zacks Investment Research. StockScouter data provided by Verus Analytics. IPO data provided by Hoover's Inc. Index membership data provided by Morningstar Inc.
RECENT ARTICLES ON IDENTITY THEFT
Casual dining restaurant chains have jumped on the happy hour train with deals on drinks and snacks -- maybe enough for dinner.