Here are some Black Friday/Cyber Monday tips from Ashley Stephenson, CEO, Corero Network Security:
“This holiday season will result in a tidal wave of new low-cost Internet connected gifts. Some of these will be from recognised brand names we trust such as Amazon, Apple, and Google. Many others are low cost from no-name suppliers. When we unwrap them, and provide them with access to our in-home Wi-Fi network we could be potentially weaponising our gifts.
“Once enabled, these devices can reach out to anywhere in the world and commence clandestine communications, joining a botnet awaiting on orders to attack. While you are sleeping they could be exploring your home network, looking for vulnerabilities in other devices, infecting them with their malware, recruiting them to their botnet.
"If they have a microphone it could be hijacked to listen to your conversations, worse if they have a camera it could be used to spy on you and invade your privacy. Your broadband connection could be used to DDoS a foreign government or worse still--your own government.
“Where do you go to find out if your gift is properly secure? For either product safety or age appropriateness, you tend look for standard marks on the packaging, but there is no cybersecurity rating to give users a sense of security before allowing the latest Internet connected device into your home. These connected Holiday gifts not managed by Internet security teams, or 24/7 support staff patching and ensuring that these devices are free from potential exploit capabilities. The Holiday IoT may very well be breeding its own army of botnets. Buyer beware.”