If you own a smart device or connected TV and found yourself alarmed by Tuesday’s reports of CIA hacking, you need to start asking difficult questions about the companies you’ll spend money with in the future.
That’s the message from cybersecurity experts Mashable spoke to on a day of explosive allegations following the latest WikiLeaks dump.
Wikileaks dumped a trove of documents on Tuesday that allegedly show a range of techniques the CIA uses to hack or get around privacy protections such as encryption.
While the CIA hasn’t figured out how to crack encrypted messaging apps such as Signal and WhatsApp, according to the documents, they have figured out how to compromise phones so the in-app encryption becomes irrelevant. The CIA has also apparently figured out how to spy on people through smart TVs, and they’ve explored how to hack vehicle control systems.
This isn’t NSA-style collection of information, when the hugely powerful government spy agency was discovered to be gathering information on practically everyone with a digital trail. But it does show the CIA’s interest and ability to perform targeted attacks, and in a world in which more things connect to the internet every day, cybersecurity experts said consumers should know what privacy protections are provided by companies that build smartphones, smart TVs, smart cars and other connected devices.
“I know that’s a big fear for a lot of these companies — they don’t want their product to be the one that is considered unsafe.”
“I know that’s a big fear for a lot of these companies — they don’t want their product to be the one that is considered unsafe,” said James Lewis, a technology and security expert at the Center for Strategic and International Studies.
“There’s probably a competitive advantage to being more secure than your competitor.”
If a government-backed hacker wants to find a way into your smart TV or your car or whatever else, it’s going to happen.
But average consumers who aren’t the target of government spying operations should be worried about non-governmental hackers exploiting some of the same workarounds and loopholes.
Even if companies aren’t able to stop the CIA, they should still be doing the best they can to defend their consumers from “criminal and ideological adversaries,” said Beau Woods, a cyber policy expert at The Atlantic Council’s Cyber Statecraft Initiative.
If consumers hear more and more about vulnerabilities in their smart technology — especially technology that can save lives, such as smart cars or smart medical devices — that can create distrust and prevent people from purchasing and using technology that should improve their lives. That, according to Woods, is a significant danger.
Essentially, experts say consumers shouldn’t be scared off smart devices by the revelations, but they should let companies know how much they value privacy protection.