Hackers could use our freezers to spy on us, even if they’re not connected to the web, a prominent cyber security expert has warned.
Donald Toon, director for economic and cyber crime at the National Crime Agency (NCA) said that, as long as a device or appliance is capable of being connected, it can be hacked.
So even if you have a “smart” freezer or a heating device that you have decided not to link it up to the internet, hackers can still use software to trigger the connection, according to Toon.
Once hackers have gained access to the device in question they can either use it to spy on you through your other devices, or harness its computing power to launch a cyber attack.
“It could be used to try and connect with other devices that you may have,” Mr Toon told BBC Radio 4’s Today programme .
“The other issue that it can be harnessed as part of a collective approach, using computer processing capability in a whole range of devices, to then help launch an attack on a business, on a bank, on part of the national infrastructure.
“Essentially that’s then linking hundreds of devices together to create a massive distributed denial of service attack.”
He added that the only way a normal person would know if they devices were being used in this way is if they noticed an increased usage on their WiFi.
Toon’s comments were in relation to a new joint report from the NCA and National Cyber Security Centre (NCSC), which warns that internet-connected devices could be targeted by cyber criminals seeking to hold users to ransom over their personal data.
A surge in the number and variety of these devices gives attackers more opportunity to deploy their increasingly “aggressive” and “confrontational” tactics, the report warns.
It highlights the huge amount of personal information on consumer gadgets which could be exploited by criminals seeking to commit extortion or fraud.
“This data may not be inherently valuable, and might not be sold on criminal forums but the device and data will be sufficiently valuable to the victim that they will be willing to pay for it,” the report states.
“Ransomware on connected watches, fitness trackers and TVs will present a challenge to manufacturers, and it is not yet known whether customer support will extend to assisting with unlocking devices and providing advice on whether to pay a ransom.”
There have even been suggestions that baby monitors and pacemakers could be vulnerable to hacking.
However, the paper notes that smart devices are still “inherently more difficult” to attack than traditional computers, saying that incidents may initially be limited to users who download apps from third-party app stores.
Analysts have forecast that by 2020 there will be as many as 21 billion connected devices used by businesses and consumers around the world.