It's an unsettling experience to have your home invaded by some kind of technological poltergeist. Unusual messages spontaneously emerging from your printer. Disembodied voices coming through your security camera. Thermostats going haywire, odd videos interrupting your evening's television viewing and doors unlocking without warning. While these occurrences are still relatively uncommon, last year saw a marked increase in hackers targeting internet-connected devices in people's homes: from light bulbs to plant waterers, music players to central-heating systems. The consumer appeal of this kind of gadget is obvious: by hooking them up to your network, you can automate them and control them remotely – but with that convenience comes vulnerability.
The problem is on the rise
In recent months, a number of well-publicised incidents have raised awareness of the problem. In November, a group of hackers in Calgary, Canada, accessed a security camera belonging to a man living 2,500 kilometres away in Arizona and spoke to him through the device to warn him that his home was insecure. One of his personal passwords had leaked on the internet, and he had used the same one for his camera. Last week, someone styling themselves as "TheHackerGiraffe" hijacked tens of thousands of printers and Chromecast devices to display messages promoting the videos of Swedish YouTuber PewDiePie.
While these incidents seem to be mischievous rather than malicious, they highlight a more sinister problem, according to John Shier at security software firm Sophos. “Insecure devices can become a gateway into the rest of your network,” he says. “This could dramatically impact your privacy if documents are stolen or your traffic is monitored. But the more likely scenario is one we’ve seen time and time again, where devices are hijacked to become part of a botnet – perhaps a hundred thousand strong – which is then used to attack somebody else.”
Craig Young, a researcher at cybersecurity firm Tripwire, explains that compromised devices can also present a direct risk to personal safety. “If a Chromecast device is improperly exposed to the internet,” he says, “someone could find out its physical location. Then, if they see that no one has watched TV for 24 hours, they might guess that you’re away from home.” With a predicted 20 billion so-called “Internet of Things” (IoT) devices online by 2020, the potential for this kind of crime is growing by the day. “We need to start thinking in terms of herd immunity,” Shier says.
Security can be sacrificed for ease of use
While it’s true that many people take little interest in their own digital security, Young believes that a good deal of the blame can be laid at the doors of certain manufacturers. With the growing trend for devices to work straight out of the box, the industry-wide pursuit of a “frictionless” experience – no menus, no passwords, no hassle – can present problems. “Firms want to encourage adoption of these new technologies,” Young says. “So some of them make devices easier to use by sacrificing certain security components. They promote the idea that anything you put in your home network is safe because it’s only used by people you trust – but that doesn’t meet the reality of the modern internet.” Shier also sees security problems in budget products. “The firms who want to get in on the IoT craze will try to get to market cheaper than everybody else,” he says, “and so corners are cut.”
_________________________
Read more:
As Haley closes Twitter account, are Trump and team headed for social media standoff?
From driverless cars to delivery drones: What will technology do to us in 2019?
AI-created photos: a threat or opportunity?
_________________________
User-friendly devices that don't require a password to access them present obvious problems, but devices where default factory-set passwords are never changed by the user are equally unsafe. Such devices have been attacked for years. In 2014, a Russian website began broadcasting streams from unsecured webcams and it became hugely popular – but we still haven't wised up. A 2017 article by security company Positive Technologies estimated that the default passwords of 15 per cent of internet-connected devices have never been changed since they were unboxed. A simple Google search can reveal those default passwords, giving hackers a big head start when looking for vulnerabilities.
Hackers are trying to expose poor security
As hacking methods become more sophisticated, smart devices also need regular firmware updates to stay secure – but the habit of checking for such updates hasn't caught on, according to Young. "I don't know about you," he says, "but I don't think many people are logging in to, say, their router on a regular basis to see if it needs an update. The only way somebody will do that is if they see a news story telling them that it's being exploited." Shier agrees. "It's difficult to incentivise somebody to do something from a security perspective," he says, "but when you see that someone's webcam has been hacked, well, then it becomes real."
TheHackerGiraffe, who perpetrated last week's printer and Chromecast exploit, styles himself as a "white hat" hacker whose exploits are to alert consumers to poor security. "I just wanted to tell people that their devices were vulnerable," he said in an audio post on Twitter. "It doesn't matter how many blog posts security researchers write. No one cared, no one thought about it. But all it took was someone like me. The number of printers exposed went down, people started protecting their stuff. I'm glad." But having received a number of threatening messages in the past few days, he has curtailed his activities and deleted almost all of his online accounts. "I definitely don't support hackers using people's devices [in this way]," Young says, "but I can understand where they're coming from."
The problem evidently can't be solved by public-spirited hacking alone, and Shier believes that governments will soon start to take action. "I think they will provide incentives to companies by drawing up a set of guidelines," he says, "and if a product meets all of them, then they'll have the opportunity to put a gold star on the box [as an assurance of quality], so that it stands out from the others." This would certainly be a step in the right direction, but little progress is being made on agreeing an international set of guidelines for the security of baby monitors, fridges, smart kettles and home hubs. For the time being, it's down to us to recognise that devices that claim to make our lives easier also have the potential to make them much more difficult.
OIL PLEDGE
At the start of Russia's invasion, IEA member countries held 1.5 billion barrels in public reserves and about 575 million barrels under obligations with industry, according to the agency's website. The two collective actions of the IEA this year of 62.7 million barrels, which was agreed on March 1, and this week's 120 million barrels amount to 9 per cent of total emergency reserves, it added.
Profile of Tarabut Gateway
Founder: Abdulla Almoayed
Based: UAE
Founded: 2017
Number of employees: 35
Sector: FinTech
Raised: $13 million
Backers: Berlin-based venture capital company Target Global, Kingsway, CE Ventures, Entrée Capital, Zamil Investment Group, Global Ventures, Almoayed Technologies and Mad’a Investment.
Our legal consultants
Name: Hassan Mohsen Elhais
Position: legal consultant with Al Rowaad Advocates and Legal Consultants.
Kill
Director: Nikhil Nagesh Bhat
Starring: Lakshya, Tanya Maniktala, Ashish Vidyarthi, Harsh Chhaya, Raghav Juyal
Rating: 4.5/5
Racecard:
6.30pm: Mazrat Al Ruwayah (PA) | Group 2 | US$55,000 (Dirt) | 1,600 metres
7.05pm: Meydan Sprint (TB) | Group 2 | $250,000 (Turf) | 1,000m
7.40pm: Firebreak Stakes | Group 3 | $200,000 (D) | 1,600m
8.15pm: Meydan Trophy | Conditions (TB) | $100,000 (T) | 1,900m
8.50pm: Balanchine | Group 2 (TB) | $250,000 (T) | 1,800m
9.25pm: Handicap (TB) | $135,000 (D) | 1,200m
10pm: Handicap (TB) | $175,000 (T) | 2,410m.
Abu Dhabi GP schedule
Friday: First practice - 1pm; Second practice - 5pm
Saturday: Final practice - 2pm; Qualifying - 5pm
Sunday: Etihad Airways Abu Dhabi Grand Prix (55 laps) - 5.10pm
Avatar (2009)
Director: James Cameron
Stars: Sam Worthington, Zoe Saldana, Sigourney Weaver
Rating: 3/5
Who are the Soroptimists?
The first Soroptimists club was founded in Oakland, California in 1921. The name comes from the Latin word soror which means sister, combined with optima, meaning the best.
The organisation said its name is best interpreted as ‘the best for women’.
Since then the group has grown exponentially around the world and is officially affiliated with the United Nations. The organisation also counts Queen Mathilde of Belgium among its ranks.
Company Profile
Company name: Cargoz
Date started: January 2022
Founders: Premlal Pullisserry and Lijo Antony
Based: Dubai
Number of staff: 30
Investment stage: Seed
Top 5 concerns globally:
1. Unemployment
2. Spread of infectious diseases
3. Fiscal crises
4. Cyber attacks
5. Profound social instability
Top 5 concerns in the Mena region
1. Energy price shock
2. Fiscal crises
3. Spread of infectious diseases
4. Unmanageable inflation
5. Cyber attacks
Source: World Economic Foundation
The bio:
Favourite film:
Declan: It was The Commitments but now it’s Bohemian Rhapsody.
Heidi: The Long Kiss Goodnight.
Favourite holiday destination:
Declan: Las Vegas but I also love getting home to Ireland and seeing everyone back home.
Heidi: Australia but my dream destination would be to go to Cuba.
Favourite pastime:
Declan: I love brunching and socializing. Just basically having the craic.
Heidi: Paddleboarding and swimming.
Personal motto:
Declan: Take chances.
Heidi: Live, love, laugh and have no regrets.
WHEN TO GO:
September to November or March to May; this is when visitors are most likely to see what they’ve come for.
WHERE TO STAY:
Meghauli Serai, A Taj Safari - Chitwan National Park resort (tajhotels.com) is a one-hour drive from Bharatpur Airport with stays costing from Dh1,396 per night, including taxes and breakfast. Return airport transfers cost from Dh661.
HOW TO GET THERE:
Etihad Airways regularly flies from Abu Dhabi to Kathmandu from around Dh1,500 per person return, including taxes. Buddha Air (buddhaair.com) and Yeti Airlines (yetiairlines.com) fly from Kathmandu to Bharatpur several times a day from about Dh660 return and the flight takes just 20 minutes. Driving is possible but the roads are hilly which means it will take you five or six hours to travel 148 kilometres.
The rules of the road keeping cyclists safe
Cyclists must wear a helmet, arm and knee pads
Have a white front-light and a back red-light on their bike
They must place a number plate with reflective light to the back of the bike to alert road-users
Avoid carrying weights that could cause the bike to lose balance
They must cycle on designated lanes and areas and ride safe on pavements to avoid bumping into pedestrians
Company profile
Name: Tabby
Founded: August 2019; platform went live in February 2020
Founder/CEO: Hosam Arab, co-founder: Daniil Barkalov
Based: Dubai, UAE
Sector: Payments
Size: 40-50 employees
Stage: Series A
Investors: Arbor Ventures, Mubadala Capital, Wamda Capital, STV, Raed Ventures, Global Founders Capital, JIMCO, Global Ventures, Venture Souq, Outliers VC, MSA Capital, HOF and AB Accelerator.
The specs: 2019 Mercedes-Benz GLE
Price, base / as tested Dh274,000 (estimate)
Engine 3.0-litre inline six-cylinder
Gearbox Nine-speed automatic
Power 245hp @ 4,200rpm
Torque 500Nm @ 1,600rpm
Fuel economy, combined 6.4L / 100km
Al Jazira's foreign quartet for 2017/18
Romarinho, Brazil
Lassana Diarra, France
Sardor Rashidov, Uzbekistan
Mbark Boussoufa, Morocco
Abu Dhabi GP schedule
Friday: First practice - 1pm; Second practice - 5pm
Saturday: Final practice - 2pm; Qualifying - 5pm
Sunday: Etihad Airways Abu Dhabi Grand Prix (55 laps) - 5.10pm
'Skin'
Dir: Guy Nattiv
Starring: Jamie Bell, Danielle McDonald, Bill Camp, Vera Farmiga
Rating: 3.5/5 stars
How to donate
Send “thenational” to the following numbers or call the hotline on: 0502955999
2289 – Dh10
2252 – Dh 50
6025 – Dh20
6027 – Dh 100
6026 – Dh 200
Fighting with My Family
Director: Stephen Merchant
Stars: Dwayne Johnson, Nick Frost, Lena Headey, Florence Pugh, Thomas Whilley, Tori Ellen Ross, Jack Lowden, Olivia Bernstone, Elroy Powell
Four stars
The specs: 2018 Jeep Grand Cherokee Trackhawk
Price, base: Dh399,999
Engine: Supercharged 6.2-litre V8
Gearbox: Eight-speed automatic
Power: 707hp @ 6,000rpm
Torque: 875Nm @ 4,800rpm
Fuel economy, combined: 16.8L / 100km (estimate)
Hotel Data Cloud profile
Date started: June 2016
Founders: Gregor Amon and Kevin Czok
Based: Dubai
Sector: Travel Tech
Size: 10 employees
Funding: $350,000 (Dh1.3 million)
Investors: five angel investors (undisclosed except for Amar Shubar)
Student Of The Year 2
Director: Punit Malhotra
Stars: Tiger Shroff, Tara Sutaria, Ananya Pandey, Aditya Seal
1.5 stars
Profile of Whizkey
Date founded: 04 November 2017
Founders: Abdulaziz AlBlooshi and Harsh Hirani
Based: Dubai, UAE
Number of employees: 10+
Sector: AI, software
Cashflow: Dh2.5 Million+
Funding stage: Series A
Tesalam Aleik
Abdullah Al Ruwaished
(Rotana)
Specs: 2024 McLaren Artura Spider
Engine: 3.0-litre twin-turbo V6 and electric motor
Max power: 700hp at 7,500rpm
Max torque: 720Nm at 2,250rpm
Transmission: Eight-speed dual-clutch auto
0-100km/h: 3.0sec
Top speed: 330kph
Price: From Dh1.14 million ($311,000)
On sale: Now
Film: In Syria
Dir: Philippe Van Leeuw
Starring: Hiam Abbass, Diamand Bo Abboud, Mohsen Abbas and Juliette Navis
Verdict: Four stars
Brief scores:
Day 1
Toss: India, chose to bat
India (1st innings): 215-2 (89 ov)
Agarwal 76, Pujara 68 not out; Cummins 2-40
Salah in numbers
€39 million: Liverpool agreed a fee, including add-ons, in the region of €39m (nearly Dh176m) to sign Salah from Roma last year. The exchange rate at the time meant that cost the Reds £34.3m - a bargain given his performances since.
13: The 25-year-old player was not a complete stranger to the Premier League when he arrived at Liverpool this summer. However, during his previous stint at Chelsea, he made just 13 Premier League appearances, seven of which were off the bench, and scored only twice.
57: It was in the 57th minute of his Liverpool bow when Salah opened his account for the Reds in the 3-3 draw with Watford back in August. The Egyptian prodded the ball over the line from close range after latching onto Roberto Firmino's attempted lob.
7: Salah's best scoring streak of the season occurred between an FA Cup tie against West Brom on January 27 and a Premier League win over Newcastle on March 3. He scored for seven games running in all competitions and struck twice against Tottenham.
3: This season Salah became the first player in Premier League history to win the player of the month award three times during a term. He was voted as the division's best player in November, February and March.
40: Salah joined Roger Hunt and Ian Rush as the only players in Liverpool's history to have scored 40 times in a single season when he headed home against Bournemouth at Anfield earlier this month.
30: The goal against Bournemouth ensured the Egyptian achieved another milestone in becoming the first African player to score 30 times across one Premier League campaign.
8: As well as his fine form in England, Salah has also scored eight times in the tournament phase of this season's Champions League. Only Real Madrid's Cristiano Ronaldo, with 15 to his credit, has found the net more often in the group stages and knockout rounds of Europe's premier club competition.
US PGA Championship in numbers
1 Joost Luiten produced a memorable hole in one at the par-three fourth in the first round.
2 To date, the only two players to win the PGA Championship after winning the week before are Rory McIlroy (2014 WGC-Bridgestone Invitational) and Tiger Woods (2007, WGC-Bridgestone Invitational). Hideki Matsuyama or Chris Stroud could have made it three.
3 Number of seasons without a major for McIlroy, who finished in a tie for 22nd.
4 Louis Oosthuizen has now finished second in all four of the game's major championships.
5 In the fifth hole of the final round, McIlroy holed his longest putt of the week - from 16ft 8in - for birdie.
6 For the sixth successive year, play was disrupted by bad weather with a delay of one hour and 43 minutes on Friday.
7 Seven under par (64) was the best round of the week, shot by Matsuyama and Francesco Molinari on Day 2.
8 Number of shots taken by Jason Day on the 18th hole in round three after a risky recovery shot backfired.
9 Jon Rahm's age in months the last time Phil Mickelson missed the cut in the US PGA, in 1995.
10 Jimmy Walker's opening round as defending champion was a 10-over-par 81.
11 The par-four 11th coincidentally ranked as the 11th hardest hole overall with a scoring average of 4.192.
12 Paul Casey was a combined 12 under par for his first round in this year's majors.
13 The average world ranking of the last 13 PGA winners before this week was 25. Kevin Kisner began the week ranked 25th.
14 The world ranking of Justin Thomas before his victory.
15 Of the top 15 players after 54 holes, only Oosthuizen had previously won a major.
16 The par-four 16th marks the start of Quail Hollow's so-called "Green Mile" of finishing holes, some of the toughest in golf.
17 The first round scoring average of the last 17 major champions was 67.2. Kisner and Thorbjorn Olesen shot 67 on day one at Quail Hollow.
18 For the first time in 18 majors, the eventual winner was over par after round one (Thomas shot 73).
COMPANY PROFILE
Company: Growdash
Started: July 2022
Founders: Sean Trevaskis and Enver Sorkun
Based: Dubai, UAE
Industry: Restaurant technology
Funding so far: $750,000
Investors: Flat6Labs, Plus VC, Judah VC, TPN Investments and angel investors, including former Talabat chief executive Abdulhamid Alomar, and entrepreneur Zeid Husban
More from Neighbourhood Watch:
