29 November 2016

Intel Security shares list of the most hackable holiday gifts

· Survey reveals that 80% of consumers will likely shop online this year

· While 85% of consumers start using connected devices within the first day of receiving it, only 45% claim they take the proper security measures

· Consumers know it’s important to secure their devices, but nearly half (46%) are uncertain whether they are taking the proper security steps to do so

Intel Security has announced its second annual McAfee Most Hackable Holiday Gifts list to identify potential security risks associated with hot-ticket items this holiday season. The No. 1 most hackable gift category included laptops and PCs, followed by smartphones and tablets, media players and streaming sticks, smart home automation devices and apps, and finally, drones.

A recent distributed denial of service (DDoS) attack that crippled websites like Twitter, Reddit and Spotify was carried out by a botnet made up of unsecured webcams and other Internet of things (IoT) devices, and crippled many popular websites connected to the Dyn domain. Consumers can help fight these attacks by ensuring that their devices are updated and patched. Intel Security stresses that users have to understand the risks associated with even the most unassuming of devices.

“Unsurprisingly, connected devices remain high on holiday wish lists this year. What is alarming is that consumers remain unaware of what behaviours pose a security risk when it comes to new devices,” said Gary Davis, Chief Consumer Security Evangelist at Intel Security. “Consumers are often eager to use their new gadget as soon as they get it and forgo ensuring that their device is properly secured. Cybercriminals could use this lack of attention as an inroad to gather personal consumer data, exposing consumers to malware or identity theft or even use unsecured devices to launch DDoS attacks as in the recent Dyn attack.”

To accompany the list, Intel Security conducted a survey to identify the risky behaviours consumers are engaging in during the holiday season. While a majority of consumers are aware of the vulnerabilities in older connected devices like laptops (73%), mobile phones (70%) and tablets (69%), they lack awareness about the potential risks associated with emerging connected devices, such as drones (20%), children’s toys (21%), virtual reality technology (18%), and pet gifts (11%).

The year’s most hackable holiday gifts include:

1. Laptops and PCs – malicious apps targeting PCs are unfortunately common, and are not just limited to Windows-based devices.

2. Smartphones and tablets – Survey results revealed that 64% of consumers plan to purchase either a smartphone or tablet this holiday season. Just like PCs and laptops, malware could result in personal and financial information being stolen.

3. Media players and streaming sticks – users can unknowingly invite a cybercriminal into their living room by failing to update their device.

4. Smart home automation devices and apps – Today’s connected home devices and apps give users the power to control their homes from their smartphone. Unfortunately, hackers have demonstrated techniques that could be used to compromise Bluetooth powered door locks and other home automation devices.

5. Drones – Drone sales are expected to grow to more than US$20 billion by 2022. They can provide unique perspectives when it comes to shooting video and photos. However, not properly securing the device could allow hackers to disrupt the GPS signal, or hijack the drone through its smartphone app.

While 75% of consumers believe it is very important to secure their online identities and connected devices, nearly half are uncertain if they are taking the proper security steps. To stay protected for a happier and safer holiday season, Intel Security has the following tips:

· Secure your device. Make sure you have comprehensive security software installed.

· Only use secure Wi-Fi. Using devices such as smart home appliances on public Wi-Fi could leave users open to risk.

· Keep software is up-to-date. Apply patches as they are released from the manufacturer so that the device is protected from the latest known threats.

· Use a strong password or PIN. If the device supports it, use multifactor authentication (MFA) as it can include factors like a trusted device, your face, fingerprint, etc. to make your login more secure.

· Check before you click. Be suspicious of links from people you do not know and always use Internet security software to stay protected. Hover over the link to find a full URL of the link’s destination in the lower corner of the browser.