CYBER KID SHOWS HOW TO ‘WEAPONISE’ TOYS
11-year-old boy hacks into experts’ devices to manipulate a teddy bear
THE HAGUE
AN 11-year-old “cyberninja” stunned an audience of security experts on Tuesday by hacking into their Bluetooth devices to manipulate a teddy bear to show how interconnected smart toys “can be weaponised”.
American wunderkind Reuben Paul may be still in sixth grade at his school in Austin, Texas, but he and his teddy bear, Bob, wowed hundreds at a cybersecurity conference in The Netherlands.
“From airplanes to automobiles, from smartphones to smart homes, anything or any toy can be part of the Internet of Things (IOT),” he said, a small figure pacing the huge stage at the World Forum here.
“From terminators to teddy bears, anything or any toy can be weaponised.”
To demonstrate, Reuben deployed his bear, which connects to the iCloud via Wi-Fi and Bluetooth smart technology to receive and transmit messages.
Plugging into his laptop a rogue device known as a “raspberry pi”, a small credit-card size computer, he scanned the hall for available Bluetooth devices and, to everyone’s amazement, suddenly downloaded dozens of numbers including some of top officials.
Then, using a computer language programme called Python, he hacked into his bear via one of the numbers to turn on one of its lights and record a message from the audience.
Reuben said: “Most Internetconnected objects have Bluetooth functionality. I showed how I could connect to it and send commands to it by recording audio and playing the light.
“IOT home appliances, things that can be used in our everyday lives, our cars and refrigerators, can be used and weaponised to spy on us or harm us.
“They can be used to steal private information such as passwords, as remote surveillance to spy on kids or employ a GPS to find out where a person is.”
He said more chillingly, a toy could say “meet me at this location and I will pick you up”.
His father, information technology expert Mano Paul, said at the age of 6, Reuben had revealed his early IT skills by correcting him during a business call.
Using a simple explanation from his father on how a smartphone game worked, Reuben figured out it was the same algorithm behind the popular video game Angry Birds.
“He has always surprised us. Whenever we teach him something, he’s usually the one who ends up teaching us,” Mano said.
He said he was “shocked” by the vulnerabilities discovered in kid toys after Reuben first hacked a toy car, before moving onto more complicated things.
“It means that my kids are playing with time bombs, that over time somebody who is bad or malicious can exploit.” AFP