Would Hackers Go After Your Pets? Unfortunately, They Have That Option

If you have a pet, you know what pantry items should be out of reach. You know not to leave them in a car on a sunny day. You know that doors and windows need to be closed to keep them inside. You know when their vaccinations are due. For most people, pets are like family members, and they are willing to do whatever it takes to keep them safe. Well, if you want to keep them safe, you have to think about cybersecurity as well. If you own the FurryTail pet feeder that can be controlled using an app, you have to be particularly cautious because a Russian hacker has recently found a way to hack this IoT device.

A hacker, who is known by the name Anna Prosvetova, used Telegram to share information about a FurryTail security backdoor that, allegedly, could be used to take full control over the smart pet feeder. According to securitynewspaper.com, the hacker could gather information about the owners of the pet feeder, and it was also possible to change the feeding schedule completely. In the worst-case scenario, the feeder could be switched off so that no food would be dispensed, leaving the pet hungry. While it is highly unlikely that anyone would rely on something like FurryTail to keep their cats and dogs fed for days on end, it is intimidating that hackers might have the power to disrupt the wellbeing of our pets. Prosvetova claimed to have found 10,950 vulnerable feeders, and although she did not exploit the vulnerability, can we be sure that someone else will not do it?

How hackers exploit firmware vulnerabilities

According to researchers, the smart pet feeder was vulnerable because of an ESP8266 chipset that was used to enable WiFi connectivity. If you wonder how hackers exploit firmware vulnerabilities, it’s all pretty simple. All they have to do is detect a vulnerability and then figure out how to use it for whatever it is that they need. In the FurryTail smart pet feeder case, the vulnerability within the ESP8266 chipset makes it possible to install new firmware, and once the feeder is rebooted, full control over the device can be taken. According to Prosvetova, hackers could exploit the vulnerability to turn pet feeders into a DDoS botnet. At first, it was stated that Xiaomi pledged to fix the vulnerability as soon as it first found out about it, but then it was reported that the company denied FurryTail being their product at all.

Since the vulnerability in the smart pet feeder was not exploited by actual hackers, it is hard to say whether or not anyone would be interested in hijacking the IoT device and using it to cause real harm. That being said, when it comes to cybercriminals, sometimes it is impossible to understand their agenda or predict their moves. Unfortunately, IoT devices are usually left unprotected, and hackers do not have to work hard to hijack them. Also, there are a lot of crazy people in this world, and you should not just assume that no one would want to harm your pet if the right opportunity did not arrive. It’s always better to err on the side of caution, especially when it comes to those we care about the most.

IoT vulnerabilities are not the only things that threaten our pets

There’s proof that IoT devices have been on target for quite some time now. In 2017, The Washington Post shared a story of a casino’s fish tank getting hacked in an undisclosed US city. In this case, hackers were not interested in messing with the colorful pets, but they used the tank’s sensors to hack into the computer. The sensors were meant to make it possible to control the water temperature from the computer via the Internet, but hackers used the backdoor to invade the system and gather information.

In a different scenario, at the end of 2019, the National Veterinary Associates company was dealing with a ransomware attack that affected more than half of its 700 facilities. It is believed that the infamous Ryuk Ransomware was to blame for the attacks. With the booking systems being down, and patients’ records being locked, pet owners were not always able to make appointments, and veterinarians were not able to access important information about their patients. Although the company’s representative assured that all sick animals were treated, similar attacks on veterinary clinics could potentially cost lives. Furthermore, now that some ransomware infections are capable of stealing data before encrypting it, it is possible that pet owners’ private information could fall into the hands of cybercriminals too.

How to protect pets in the virtual world

If you run a veterinary clinic, it is your responsibility to secure the information of your patients and their owners. VetPort suggests taking four simple steps to ensure security. Administrators are recommended to set automatic updates, install trustworthy antivirus software, set up a comprehensive backup system, and also practice virtual safety. Note that if you open spam emails or click on corrupted links, you could be responsible for letting malware into your own systems. We would also like to point out that setting up unique, complex, and strong passwords for all of your systems is crucial. We strongly recommend employing a trusted password management tool that will handle your password safety for you.

If you use smart pet feeders or other pet-related IoT devices, you need to take some security steps as well. Make sure that the devices and the firmware installed on them are legitimate, trustworthy, and secure. Do not neglect your devices, and always install the latest updates. Also, secure the systems that your IoT devices are connected to. For example, if the smartphone you use to connect to the FurryTail smart pet feeder is not secure, you could face undesirable breaches. Always set strong passwords, install updates, and do not forget about the security of apps that you might use to control your IoT devices. It might take you a little bit of time to take care of things, but your pet’s safety is worth it, isn’t it?

February 24, 2020
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.