Smart toys pose safety risks to kids, experts warn
Zülal Atagün - ISTANBUL
Malicious cyber actors can use data from bleeding edge “smart toys” with internet access and cameras to blackmail and kidnap children, cyber security experts have warned.
“Innocent-looking toys can process information by recording data and sell it to related companies as a product,” said Deniz Yengin, a professor from Çanakkale Onsekiz Mart University.
“The purpose of a toy with a two-way audio system and a radio feature is to allow children to send messages to their parents whenever they want. However, due to some software deficiencies, children can unconsciously communicate with other people,” the expert explained.
In order to avoid this situation, instead of imposing prohibitions, it is a better way to provide self-control by explaining this situation to children with reasons, she suggested.
The fact that children’s private images can be recorded also leads to cyberbullying, cyber security expert Osman Demircan said, warning parents not to buy products that don’t provide technical support and don’t have a representative in Türkiye.
Malicious people can detect these toys with simple scans and access them with cameras, he added.
For a toy to be considered a “smart toy,” it must have a video and audio microphone, camera, speaker, screen, and Bluetooth or an internet connection to Wi-Fi.
There may be operating system vulnerabilities in smart toys whose brand or manufacturer is not certain, according to experts.
After teddy bears produced by the brand titled CloudPets were found to have exposed 2.2 million voice recordings between parents and their children in a significant data breach in 2018, the toys were removed from online markets.
Around 800,000 emails, with passwords, were also stored.