Even smart kettles, talking dolls can hack tech devices, warns expert
Ethical hacker Ken Munro demonstrates real-time vulnerabilities in Internet of Things devices and urges simple steps to protect online security

ISTANBUL
Ken Munro, an ethical hacker, demonstrated Friday how easily Internet of Things (IoT) devices can be hacked, using smart kettles, talking dolls, and even home Wi-Fi networks to warn users that minor security flaws can result in major breaches.
During the "live hacking" session at Türkiye Innovation Week, Munro, a partner and founder of Pen Test Partners, an ethical hacking firm, demonstrated real-time security flaws and explained how even the simplest connected devices can become vulnerable targets.
“How can you be ethical and a hacker?” he asked the audience. “Well, we're brought in by organizations to hack them in a controlled way so they can find the bugs and vulnerabilities, fix them, and then the bad hackers can't do anything.”
Munro urged people to take simple but powerful steps to protect themselves online, beginning with something most users overlook—passwords. “Probably the best thing we can do is to use our passwords.”
“Now, this is so boring, right? No one wants to hear about passwords. But if you reuse the same password in multiple places, hackers can use that to hack your account.”
“And number two is updates. When your smartphone says, ‘Hey, I’ve got an update,’ that software is fixing security flaws. So it’s really important that you update everything you own—your smartphone, your computer, your TV, even your refrigerator.”
He also warned against phishing emails that trick users into giving up sensitive data. “Watch out to make sure that you're not clicking on a link that may take you to a hacker website where they steal your details,” he said.
Munro also advised using a “multifactor token authenticator” to add an extra layer of protection. “If your password is stolen, you’re still okay, unless the hacker has your phone also,” he said.
Even home Wi-Fi networks, he said, can be entry points for cybercriminals.
“If it’s the one that’s written on the side of your router, you have a problem,” he said. “I strongly recommend that you change it from the one on the side to something strong and complicated, maybe 10 or 15 characters.”
Asked which brands consumers can trust, Munro said big-name manufacturers generally invest more in security.
“The brands I trust are the big names,” he said. “I trust the manufacturers of Google, Amazon devices because they have a reputation to uphold, and they also have the financial resources to maintain their cybersecurity. So I trust the big brands.”
Türkiye Innovation Week 2025, the country's largest innovation event, kicked off Thursday at Istanbul’s Halic Congress Center under the theme “Tomorrow: Now.”
Organized by the Turkish Exporters Assembly (TIM) with the support of the Turkish Ministry of Trade and Anadolu Agency as its global communication partner, the three-day event brings together academics, senior executives, pioneering entrepreneurs, and innovation leaders from around the world.
The event features panels, masterclasses, digital art exhibitions, experience areas, and networking opportunities.