Smart home technologies have great promise, but they can also introduce vulnerabilities into our homes. Here are some ways to help you enjoy your new smart IoT devices without jeopardizing your home or your family.
How smart IoT devices can threaten home security
Everything from security cameras and locks to TVs and thermostats can be connected to the Internet today. This means less effort for our daily activities, which is why millions of people around the world have begun adopting smart devices. For more about the IoT and what it is, click here
However, as we fill our homes with connected devices, we’re exposing ourselves to new risks we’ve never thought of before. There are smart doorbells
that can be hacked to let thieves into your home. Wikileaks has shown that the CIA can transform smart Samsung TVs
into covert surveillance tools (and hackers can often do the same). The sheer number of unsecured IoT devices is one of the main reasons for massive DDoS attacks
becoming more frequent.
The worst part is that it’s hard to say when, if ever, these devices’ built-in security vulnerabilities will ever go away. Here’s why:
- Manufacturers don’t prioritize security features. IoT devices are designed primarily to be convenient. In any case where a manufacturer has to choose between security and convenience, they’ll choose the benefit that the customer can immediately see.
- Secure IoT devices are hard to design. They have limited space, memory, and/or computing power for security features, so manufacturers cut costs by leaving weak or no security. Encryption and decryption are demanding processes.
- IoT devices usually ship with default logins. If your IoT device shipped with a factory default login, you can bet that someone out there knows exactly what it is. This is why it’s critically important to change your IoT devices’ logins, even if they arrive randomized.
- They are easier to find than you think. It’s easy to find IoT devices on the same Wi-Fi network, but it’s also fairly for almost anyone in the world to search for them online. That’s because there’s a search engine that searches for them online. Don’t assume that someone can’t attempt to access your device just because they aren’t on your Wi-Fi network.
- They’re attractive targets. IoT devices are popular hosts for botnets because they’re so easy to crack. If there’s someone targeting you maliciously, then they’re even worse. A hacker could turn your oven up to its max temperature when you’re on vacation, turn off your refrigerator, adjust your thermostat, watch your security camera, or unlock your front door.
IoT security tips
1. Do your homework when buying devices
Consider what you need the device for, how you’ll use it, and how it might be affected in the event of a hack or other onforseen circumstances. For instance, smart heating devices and apps ensure that your home is only heated when you’re actually there, helping you cut your energy bills. But how will they affect your heating if your power or internet connection goes down? What can hackers do with your heating if they hack in? We suggest choosing appliances that have dependable security features, even if they end up costing more.Only buy IoT devices from brands that provide regular security updates.
2. Change the default password
One of the most common security challenges for IoT devices is default login details and configurations, which hackers can use for easy access. That’s actually what happened with the infamous Miraj attack
. The first step for enhancing your IoT security should be changing those factory defaults.
3. Create a separate network for your devices
Some wireless routers allow you to set up separate guest networks to keep untrusted visitors off your regular network. Consult your router’s manual to create at least one separate network for your IoT devices and connect them there. Then, see how you can boost that network’s security (you can, for example, set up a VPN on your router
). You can also create a second network by using a second router. The more you segment your networks, the harder it is for hackers to access all of your devices and information. We also recommend disabling Wi-Fi Protected Setup (WPS) and using only Wi-Fi Protected Access 2 (WPA2) to secure your networks.
4. Update to the latest firmware
Make sure you have the latest security patches to reduce the chances of a successful hack attack. New vulnerabilities and exploits will be fixed by manufacturers as they emerge, so you need to update your IoT devices and your router regularly. The manufacturer can’t always do this for you, and any hackers who didn’t know about your vulnerability will discover it as soon as the patch is published. Set automatic updates wherever possible or make a note to check for updates every few months at the very least.