Connected toys under attack: How to protect our children from hackers
In times where online privacy is at constant risk, our children need to be protected as never before from hackers who can spy on them and exploit sensitive information.
Toys giants like Mattel and Hasbro have proved in recent years that their toy products can be vulnerable to cyber attacks just like any home with sloppy Internet security measures. So what should a parent do to protect their kids from online predators?
According to Which?, a well-known reviews company in the UK, connected toys are becoming increasingly popular among children and parents should be responsible for their own kid’s security. “Our investigation shows, anyone considering buying one should apply a level of caution,” said Alex Neill, managing director of home products and services at Which?
“Safety and security should be the absolute priority with any toy. If that can’t be guaranteed, then the products should not be sold.”
In 2015, Mattel launched a Wi-Fi enabled Hello Barbie doll that children can talk to, responding with over “8,000 lines of recorded content. Before Mattel implemented fixes, an attacker who had access to a home’s Wifi network was able to steal passwords and record conversations from the toy.
Furby Connect, Intelligent Robot, Toy-fi Teddy and CloudPets are among other toys within the same category that demonstrated similar flaws and led to several privacy complaints.
As well as any ordinary computer that is directly
connected to the Internet and gets assigned an IP number, Internet-connected toys work the exact way and can even be found online if their IP addresses get exposed. Besides, these toys can collect massive amounts of information through cameras, microphones and sensors the moment that children interact with them.
Should not harmless interaction between a kid and their toy be merely fun? It definitely should; however, the implications of not protecting the little ones could make them pose as easy prey for paedophiles considering that some toys could include GPS and speech recognition components.
Hands-on safety and privacy
The agency’s Internet Crime Complaint Center (IC3) recommends parents to be cautious of I
nternet-connected toys and advises consumers to carry out checks before purchasing them. It is
also suggested that you examine the user agreement disclosures and privacy practices of each Toy company that sell these kinds of products. In regards to this advice, we can confirm about the importance of doing so as we found a recent privacy statement published by Hasbro on their Website (https://www.hasbro.com/en-us/privacy#D) in which states that Hasbro may collect and store persistent identifiers (e.g., cookies, IP addresses, etc.) from Children without parental consent.