Reality is scarier than fiction — especially when it comes to what hackers can do. In many bizarre-but-true ways, your home is wide open to hacker attacks. Right now.
While you’re reading this, a criminal could be logging in to your router and using it as a porn server. He could be using a Bluetooth “sniper rifle” (like the one shown above) to tap into your phone while you chat by the window. He could even physically steal your printer and capture from its circuitry the financial records you printed last week.
Here are 10 scary — and real — home-security threats hackers may try, and how to block them — if you can.
1. They Can Take a Gun to Your Phone Calls
A gun … for wireless networking? It’s weird, but it’s true. A few years ago, John Hering — who’s now the CEO of Lookout — built a data-sniping rifle that could hack its way into the Bluetooth networks used by most cellular phones. It caused quite a stir with security pundits. He showed how to sniff out a Bluetooth signal, tap into a phone and steal data — from across the block or even from an airplane overhead.
The hack is still possible today, says Hering, who believes the idea of such long-range hacks is growing, not disappearing. And the only way to block them is to use only Bluetooth devices that require a passcode and turn off “discoverable” mode (usually a quick setting on your phone). And more important, turn off Bluetooth when you’re not using it.
A Tempest device can capture the transmissions between your PC and monitor, then re-create those transmission on a second monitor.
2. They Can Steal Your Printer
Security consultant Winn Schwartau says you need to literally tie down your printer. Now. The expert from The Security Awareness Company says it’s possible for thieves to break into your home and steal your printer, rip out the print head, install it on another printer, and retrieve the last few printouts. Hackers could then bribe you — if they discover sensitive information — or steal financial records.
Newer printers use a temporary hard drive to hold printouts, a data repository that’s also ripe for hacking. The solution? Use a security lock for the printer like those from Kensington, or avoid printing private records.
3. They Can Electro-Pulse Your Electronics
Hold on to your hat, ’cause HERF guns are here. According to Brain Yoder, the VP of Engineering at CyberDefender, high-energy radio-frequency guns are still in circulation, though they were more common a few years ago. The guns send out a powerful electro-mechanical pulse that disables all electronic equipment — including your fancy alarm system.
Some websites, such as Information Unlimited, even sell the devices. Yoder says the only way to block an EMP attack is by installing a Faraday cage — a special wire box that blocks electric fields — around any gadget you want to protect from attack.
4. They Can Intercept Your Display
Using a device called a Tempest receiver — a gadget that costs $1,000 or more but is readily available online — Schwartau says it’s possible to capture the transmissions between your PC and monitor, then re-create those transmission on a second monitor. He’s shown that this procedure works for many years, in fact. Hackers can then capture any information you view on a PC.
Other than visually inspecting your premises for the receiver, which looks like a piece of high-end audio equipment, there is no bulletproof security precaution against this kind of attack.
5. They Can Google Your Car — and Then Steal It
Services such as Google Latitude, Foursquare and Loopt broadcast your whereabouts to your friends and the world at large. If a hacker intercepts this feed, or tricks you into allowing him to see it, he can track where you are during the day. And knowing that you’re out of town reveals a good time to break into your house or steal your car while you’re at work.
To keep yourself safe, carefully limit your use of these tools. The best way to block the broadcast is to turn off the feature — or the smartphone itself.
6. They Can Become Your Friend
Hackers are clever — they pose as friends on Facebook and trick you into giving out private information. Criminals also pose as a reputable contacts, such as a job recruiters or researchers, and ask for private information, then use it to steal credit cards and other financial data from your bank. The protective measure: never give out private info or friend someone you don’t know very well.
7. They Can Rob Your Home — From Twitter
Did you just tweet that you’re on vacation? Oops. Hackers can use that against you, too.
Chuvakin says criminals will find your real name, usually by tricking you or a friend online. Then they will use a site like RealPagesLive to find your address. “To make it more fun, they can look up house prices in the area to see whether your house is really worth robbing,” he adds. To avoid this hack, never post your whereabouts online, especially to people you don’t know.
8. They Can Walk in the Front Door
Surprisingly, many home owners run a wide-open wireless network without any security protection. Hackers routinely “war-drive” in neighborhoods looking for these open networks, then install “zombie” software tools that send out spam or distribute porn. Locking down a wireless router with strong encryption, such as AES, can keep the hackers at bay — at least until they figure out a crack for that one.
9. They Can Pull the Plug
Last year, President Obama announced funding for a nationwide Smart Grid — a way for companies and home owners to see their power usage in real-time, disable some power usage during times of the day, and monitor their carbon footprint. Security consultant Dr. Anton Chuvakin says this opens the door for hackers to break into the Smart Grid infrastructure.
The network should be remote-controllable and interconnected sometime in the next 3-5 years, but Google PowerMeter and Microsoft Hohm can tap into your home power usage today, and that opens up the potential for trouble.
For example, hackers could shut off power in your home and then demand payment immediately to turn it back on. Chuvakin says these systems should be designed with tighter security and that some critical endpoints should not be Internet-connected.
10. They Can Exploit Your Ignorance
The greatest security danger has nothing to do with sniper rifles or the power grid. It’s us. Visiting nefarious sites on the Internet, downloading porn and using software from disreputable sources opens us to attack.
According to Schwartau, it’s pure ignorance about scams and viruses that presents the greatest danger to home users who open the door to widespread abuse. “I go to a lot of crazy places on the Internet, but the last time I had a virus was 15 years ago,” says Schwartau, who advises clients to educate themselves about all the home security dangers, and the protections available