The National Cyber Security Centre (NCSC) has issued new guidance calling on manufacturers to ensure that devices such as baby monitors and ‘smart’ toys are secure.
The security service warned that some children’s toys and baby monitors which connect to the internet could be taken over by hackers and has issued a voluntary code of practice to manufacturers.
The advice has been issued following a number of security vulnerabilities found, which could potentially let attackers obtain audio from a baby monitor or make it transmit false information.
The NCSC’s international database of potential areas of concern also lists a ‘smart toy bear’ with a security fault that could be used by hackers to obtain sensitive information and a talking dinosaur that allows voice, data and video traffic to be intercepted.
It went on to demonstrate how an interactive doll could be compromised and used to unlock a wifi-connected front door.
A voluntary code of practice issued by the government urges manufacturers to increase security across the growing ‘internet of things’.
“Poorly secured devices can threaten individuals’ privacy, compromise their network security, their personal safety and could be exploited as part of large-scale cyberattacks,” said an NCSC spokesperson. “Recent high-profile breaches putting people’s data and security at risk include attacks on smart watches, CCTV cameras and children’s toys.”
“We want to reduce the burden on consumers,” the NCSC spokesperson added. “It’s not reasonable to expect every parent to be a cyber security expert.”
“What we want to do is encourage companies to manage their products, keep them updated and be honest about how long they’re supported for. And to encourage retailers to consider security when they figure out what to stock. That will over time make it much easier for consumers to buy the right things.”
