Page 24 - Cyber Warnings
P. 24
COUNTERPOINT: A New Era of APTs (Advanced
Persistent Teddy [Bears ])
By Anna Wehberg, Sr. Marketing Director, Hexis Cyber Solutions
The meteoric rise of internet-connected devices, or "smart" devices, is apparent both at work
and at home.
Just as prolific is the warning many cybersecurity organizations provide around the need to
protect these devices and address them specifically as part of any good IT security plan.
These toy technologies are not often designed with security in mind, and neither are their back-
end systems.
According to a recent article in CSO Online, flaws found in the Web services operated by smart-
toy makers could expose children's personal information and location to potential hackers.
Can you say scary? The thing that comes immediately to my mind is a stalker preying on
children, not just the “normal” cyber criminal looking for personal data like your social security
number or banking information.
And if you’re parenting style is like mine, you’ll stop at nothing to protect the innocence of your
kids from people who are nothing short of crazy.
I personally love the idea of the smart-toy technology and think it’s great that kids can maintain
that connection with parents during separation.
However, a validation issue in this particular stuffed toy exposes APIs, creating the potential for
hackers to find toy IDs, names, and type of toy associated with the child’s profile.
The danger is that this could additionally provide hackers with access to the child's complete
identity, including name, date of
birth, and gender.
And this is where things start to
snowball because hackers need
just a few points of information and
before you know it, a 5-year old
has a tanked credit score and
dozens of credit card accounts he
never opened, all before the legal
age of 18.
24 Cyber Warnings E-Magazine – February 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
