Following the news of security concerns behind My Friend Cayla, David Emm, Principal Security Researcher at Kaspersky Lab commented below.
David Emm, Principal Security Researcher at Kaspersky Lab:
“My Friend Cayla is hitting the headlines, following a call for parents to destroy the doll by Germany’s Federal Network Agency. The doll is equipped with a Bluetooth chip to enable it to answer questions through the Internet. However, it also asks for sensitive information, such as hometown, parent’s and user’s name, and school. Concerns about the doll therefore centre mainly around privacy – the fact that secrets entrusted to the doll by a child could be accessed by a hacker.
This of course isn’t the first doll to cause security concerns. In 2015, US security expert Matt Jakubowski was able to extract the Wi-Fi network name, internal MAC address, account IDs and MP3 files from Mattel’s interactive ‘Hello Barbie’ doll. This is enough to gain access to the Hello Barbie account and home network – thereby compromising the wider security of any family of a child using the doll.
We live in a connected world, where even our children’s toys could become the means for personal data being captured by attackers. It’s really important that, when considering such toys as gifts, parents look beyond the fun aspect of a toy and consider the impact it might have on their child and the wider family.
However, there is also a role for the manufacturers of connected products and the security industry. We need to work together to ensure that strong protection and patch management is designed-in from the very start. Once a product is on the market, it is already too late.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…