Experts have raised alarms over the potential for remote-controlled sex toys to be exploited by hackers, with the devices’ unencrypted connections leaving users at risk of “man-in-the-middle” attacks.
These breaches could allow cybercriminals to remotely alter the vibration intensity, potentially causing significant physical harm.
Unencrypted Connections Pose a Threat
The technology behind these gadgets, which allows smartphone-based control, often lacks robust encryption, making them susceptible to hacking. A report commissioned by the Department for Science, Innovation and Technology (DSIT) highlights how attackers can intercept a user’s device and manipulate its functionality.
“An attacker could remotely change or command the vibration intensity of the device,” the report warns, underscoring the need for enhanced security measures.
Rising Popularity of Internet-Enabled Devices
The vulnerabilities have come to light as the use of internet-connected gadgets grows among long-distance couples seeking to maintain intimacy. However, the associated risks extend beyond the devices themselves.
The report also flags concerns about companion apps linked to these devices. Many of these apps store sensitive content, including explicit images and chats, on insecure third-party servers. These vulnerabilities make users’ personal information highly accessible to hackers.
Mark Coté, a researcher from King’s College London, pointed out that other apps, such as those tracking menstruation, pregnancy, and baby development, face similar security risks.
In response, the DSIT has reiterated its commitment to strengthening the UK’s cyber defences, emphasizing the need for better protections for all internet-enabled devices.
Broader Implications
The warning follows other reports of hacking vulnerabilities, such as Russian cybercriminals allegedly breaching Ministry of Defence accounts. With personal data and user safety at stake, the call for improved digital security is becoming increasingly urgent.
