[ Jan 08, 2019 ]
According to the research from a Buckinghamshire-based security group Pen Test Partners, hot tubs can also be hacked using an app simply because there isn’t any authentication process in place.
Reportedly, 26,000 hot tubs are currently vulnerable to be hacked and controlled remotely and anyone can perform the hacking by searching on wigle.net, a hacking database, which includes geolocation data. Hence, anyone can search for the physical location of the device.
A hacker can gain access to the system and increase or decrease the heat quite effortlessly making the tub unusable. If the tub is continuously heated, it will waste a considerable amount of electricity. Furthermore, since blowers are activated only when someone’s using the hot tub so a hacker would figure out when the user is in the hot tub and can thus, manipulate the temperature or turn the water pumps on or off.
The manufacturer Balboa Water Group has stated that it is currently improving the authentication process of over 1,000 tub owners across the UK and elsewhere.
Cyber Security Tips :
– Until an update is released, which might be released by the end of February, users of hot tubs are urged to not use the remote control function.