The FBI has issued a warning to American parents that high-tech children’s toys could be spying on them. The bureau posted an advisory on its website detailing the possible safety risks posed to youngsters by Internet-connected toys.
It says smart devices with sensors, cameras, and microphones could all be used to collect and store a child’s personal information.
Adding that they could become vulnerable to exploitation and identity fraud. That could happen if children reveal personal details in conversations with, or near, the toy.
RT spoke to Hemanshu Nigam, founder of SSP Blue, a leading advisory firm for online safety, security and privacy challenges, and asked him about the vulnerabilities of such toys.
RT: How real is this danger, considering the FBI thought it necessary to warn people about high-tech toys? Could you outline the worst case scenario of what could happen?
Hemanshu Nigam: There is an real worst-case scenario here: we are connecting our children to these toys, which are attached to the internet. In that sense, we are exposing them to anyone around the world. It is quite possible for the exploitation type of hacker to get into that toy and listen. Imagine, a child in a normal setting saying to their Teddy Bear that is connected, “Mommy is not home, she went to the grocery store, it is you and me, buddy, we are going to hang out and make some dinner” and things like that when they are playing with their toys. All of a sudden, the hacker knows the child is alone at the house and with the GPS connected to it – they know exactly where that child is alone at the house or is at a babysitter, or they are going on vacation, and where they are going to go so the house is going to be empty. There are all sorts of things that can happen. So, what you have to do is imagine a home with a child inside it and all the windows and the doors are open because of the fact that that toy is opening doors to that child’s home.
RT: What particular types of toys are vulnerable?
HM: There are quite a bit of toys coming out on the market, what people are calling IoT [Internet of Things] and what that means is that it is basically connected to the internet. That is all Internet of Things means, and those toys could be a cooking device or a fake cooking device, but it is connected because it is sending out signals that are going to gather some other connected information like a recipe: download the recipe that you want to try right now. It could be a Teddy Bear or any kind of toy that exists. They are trying to add 21st-century digital technology because that apparently is what people are buying and they are responding to the market demand.
- There are privacy issues. And those are very real. I commend the FBI for writing an excellent public service announcement. And to be clear, that is what this is. It is a public service announcement. It is not an issue of an alert, or a threat or an attack or anything like that. Parents should pay very close attention to this public service announcement to protect their privacy, the privacy of their children. And that is true for any internet connected device that is in your house. – Jeffrey Carr, cybersecurity analyst, to RT
RT: What can parents do about it?
HM: One of the greatest things that parents can do is take control of this situation, be the parent you are in the physical world. In the physical world, you make sure anyone does not access your kid, there are locks on the doors, you check the front door and the back door before you go to bed at night. In this particular case, if you have a Wi-Fi or an internet connected device. It cannot work unless there is a connection to the internet: secure that internet, keep it updated, keep running anti-phishing, anti-virus software and make sure your password protecting the wireless routers which many people don’t like doing and they keep it open which means opening the front door.