Highly-desired Aga cookers have joined the growing list of products that can be classed as cyber security risks.
Cyber security researcher Ken Munro of Pen Test Partners has claimed an app that lets Aga cooker owners remotely control their ovens could be hijacked and used to turn the oven on or off.
While this can’t be done in a way that makes the cookers dangerous, it’s part of a worrying trend of traditionally non-digital products that can now be hacked. And it seems a high price doesn’t mean better security.
For the cash-rich, time-poor; the idea of heating the oven on the way home is a no brainer. And given its $10,000+ price tag, Aga buyers are right to expect a premium product — and for cooking purposes, it is.
The ovens vulnerabilities demonstrate that all too frequently, consumer goods manufacturers seem to not place enough focus on robust cyber security for their products.
If you aren’t worried your oven could be hacked, clearly you’re not worrying enough
Years of mistakes and lessons, have meant that the IT industry has built up a set of cyber security standards.
These aren’t always perfect and cyber security is a game that is impossible to win.
Thanks to the Internet of Things (IoT) — which some times is known by other names — means that Aga or anyone else can harness the power of internet to deliver real innovation.
The ability to heat up the oven on your way home is an excellent consumer application of Internet of Things (IOT) technologies.
It is the accessibility of IoT which can be dangerously misleading.
It has never been easier to hook up any Thing to the Internet. But whether it’s an Aga oven or a child’s toy now classed as a bugging device, lessons have to be learnt on the practicalities of proper networking procedure.
It’s understandable how these things get overlooked in the design phase, and then never picked up further down the line. It’s pretty dull, un-sexy stuff.
Designers who have little expertise in IT don’t help matters, managers who are stretched over too many projects, and board members who are focused on the bottom line don’t help.
The Internet of Things is fast becoming the Internet of Everything
But this isn’t just an issue for companies customers or their margins though.
As we connect more devices to the internet, the ability for hackers to harness more points of connections to deliver attacks increases.
This isn’t science fiction; IoT devices have already been abused — and they will be again. The IoT botnets Mirai and Leet have the have computational brute power to easily deliver vast attacks and be used as a commercial, albeit criminal, service.
Because of this, the IT industry is worried about its friends in consumer businesses — so much so that there reams of documents on how companies can protect themselves, their products, and their customers. All available for free.
Best practise guides have been produced by the IoT Security Foundation. To keep us all safe smart home manufacturers need to learn from the IT industry’s expertise sooner rather than later.