While they can sometimes help us simplify some everyday tasks, smart home devices can also be used by threat actors for malicious purposes. This is the case of a family in Wisconsin, US, whose members began to be harassed by a group of hackers that compromised the management portal of their Google Nest smart home system, cybersecurity experts report.
After the intrusion, the hackers proceeded to manipulate the Internet of Things (IoT) devices installed in the home of the affected family, starting by raising the temperature to 32 degrees Celsius with their smart thermostat. The owners of the house, Lamont and Samantha Westmoreland, downplayed the event, thinking that the heating system had simply broken.
However, the problems continued. As the couple recounted to cybersecurity experts, after that voices began to be heard from the Westmoreland’s smart speaker, followed by some loud obscene songs. The family tried to disconnect the system and change the password of their Google Nest account, but this didn’t help.
Samantha Westmoreland says this left her very uneasy: “My heart got twisted, I feel scared just to talk about it,” the victim says.
According to cybersecurity experts, to do this the hackers had to access the Westmoreland’s WiFi network to then access the Google Nest system. Google officials noted that hackers most likely found the family’s WiFi passwords due to leaks on other platforms, such as router manufacturers or Internet service providers.
Specialists from the International Institute of Cyber Security (IICS) mention that the hacking of IoT devices is becoming an increasingly common practice, partly due to the growth in the use of these devices, but mainly thanks to the poor information security knowledge among users of this technology. It is very common for users not to change the default passwords on these devices, leaving them too exposed to any intruders. Changing factory passwords on these computers and setting other security measures, such as multi-factor authentication, can be really useful measures to prevent unauthorized access to our networks and smart devices.