How to Steer Clear of Holiday Hackers


With the evolving technology climate that we are currently living in, everything from

our watches, to our children’s toys are speaking to us, listening to us, and of course,

connected to the internet in some way. These developments open doors to new and

amazing features, but they can also unfortunately, leave our homes vulnerable to cyber

security attacks.

Hackable Gifts to be aware of:


Backstabbing Barbie. Kids telling secrets to their toys is a cute and beloved

tradition. With the toys now beginning to talk back, we never expected what this

Barbie was saying, and recording. Toy Talk has developed a Barbie that now

records the “secret” conversations it has with children, so that these records

can be played back, or even shared with third parties. Furthermore, if the doll

deems it necessary, she can alert law enforcement using her “always on”

technology. Despite this safety factor, this is ultimately an invasion of privacy.


The bad babysitter. Having a baby monitor is a great convenience for new

parents. The ease of checking on the little one from our phone screen also gives

us piece of mind that they are safe, without having to get up every time we want

to check on them. Unfortunately, some of these cameras are easily accessed and one

hacker even spoke to the child through the speaker during the night! This was in

part due to a lack of security updates by the product owners. Not only can they

spy on your baby, but they can listen in on your personal conversations and take

your information.


The key to your Car. The new smart cars on the markets might be easier to outsmart than we

thought. This year a few academic hackers were able to take control of a Tesla model S with only

$600 worth of radio and computer technology. They discovered that the key fob was not heavily

encrypted and managed to control everything from the speed to the breaks. Tesla has

begun encrypting their fobs as of June of this year, so any Model S cars purchased after June are

safe from this Key Fob hacking technique. Furthermore, Tesla has rolled out an update that allows

the driver to set a PIN code that they must input before they can drive the car.


Nested in your home. The Nest home thermostat is a thermostat that is

embedded in your home to help you optimize the temperature and reduce energy

bills. This product is a part of the Internet of Things that includes any commonly

used appliances that are connected to the internet. This may seem beneficial but

in reality, companies like Apple and Google want to learn as much about you as

they can so they can tailor your experience to you as well as sell data to


How to avoid an attack:

1. Power it off: When not in use, turn your device off. This ensures your words aren’t being recorded.

2. Use a secure Wi-Fi: For your home wireless router, make sure to enable

security features that reduce your risk of misuse.

3. Change the default password: Many consumers forget or neglect to change

the default password, this can be an open door for hackers to get in. Use unique

and new login passwords when creating user accounts. This means lower and

uppercase letters, numbers and special characters.

4. Install the updates: Ignoring those pesky updates and patches opens the door

for hackers to access your information. Sometimes those patches are crucial for

your protection, just like in the baby monitor case.

5. Educate your children not to give out information: When handing over an

internet-connected device to a child, be sure to educate them on the do’s and

don’ts of the internet and what information is not to be shared on the device.

6. Report an attack to the FBI’s internet crime complaint center.

7. Know your rights: Those pesky privacy policies and user agreements are long

and painful to read, but that’s how you learn where your data will be stored,

including third-party company access. A quick Google search can reveal most

known security issues. For quality and safety research, check out services like

Consumer Reports and the U.S. Consumer Products Safety Commission.

8. Share sparingly: A toy may want to celebrate your kid’s birthday, but that data

can be used for identity theft. Only provide what is minimally required when

inputting information for user accounts. Some services offer additional features if

birthdays or information on a child’s preferences are provided.

Davis Women in Business