How safe are smart homes?
The Internet of Things (IoT) is changing the way we live by connecting the devices we use. It’s simple enough to give remote control to a single device; the first TV remote was developed in the 1950s. But now, any device, from your hifi and TV to your heating, door locks and lighting, can be connected to a single controller through the internet, giving you total control of your home.
The connected home can make your life easier and more enjoyable. However, it also comes with a downside. By connecting your home systems to the internet, you’re opening it up to a number of security risks. We’re going to show you how that happens, and we’ll also give you the best home security tips to ensure your connected home is also a secure home.
How does a smart home work?
Smart homes use devices which can connect to the internet and contain small computers enabling them to be remotely controlled. These devices might be as small as a coffee maker or as large as your entire heating system.
What makes them different from your traditional TV remote is that they use internet protocol to link up, and they’re all connected through a hub. That might be your home network router, or your smartphone.
Unlike the TV remote, these devices can collect and store information on your usage, habits, and preferences — either on the device or on the network. All that data makes your smart home a potential privacy risk, and every device you add to the network adds a new privacy concern.
Let’s take a more detailed look at the types of security threats that you need to consider when you have a smart home network.
Smart home security risks and threats
The connected home presents several types of security threats.
First, individual devices may not be secure. Some IoT home devices are rushed to market, and their security may not have been adequately addressed. In some cases, user manuals don’t address privacy concerns or give you enough information to be sure the device is secure. For instance, baby monitors and security cameras have been hacked, giving criminals the ability to see inside a house.
In fact, many experts believe that with IoT devices, you shouldn’t be thinking about what happens ‘if’ they’re hacked, but ‘when’ because many are easy to hack and offer little protection.
Secondly, your home network may not be secure, and any data held in that network could be accessible to an intruder. A criminal could track your usage patterns for various devices to see when you’re away from home, for instance.
If your home network is controlled from your main internet account, it’s not just data from your IoT devices that could be at risk. Any vulnerability could compromise your private information, including emails, your social media accounts and even your bank accounts.
Many users control their connected home through a smartphone, which makes it a very valuable database for anyone wanting to hack into your life. This creates a high risk if your phone is hacked, stolen or if someone manages to eavesdrop on your connection. Ensure your home network security isn’t compromised by a single vulnerable IoT device.
If you want to benefit from the advantages of a smart home, you need to make sure that you address potential security issues first.
Smart home security tips
The first step in addressing home security is to isolate your smart home network from your other networks. This is relatively easy to do by setting up guest networks for your IoT home devices. For example, your fridge could still be hacked to make it part of a botnet that sends spam or mines cryptocurrencies. However, since it occupies its own network, it won’t be able to access your emails or bank account.
Using guest networks can help enhance your home network security in other ways, too.
Secondly, ensure that the access, control and delivery devices on your network are secure. That might include smart speakers, your internet router, your computer and your smartphone. Your smartphone, if hacked or stolen, could compromise your entire home security system, so make securing it your top priority by purchasing Android security or security for iOS devices.
- Use the screen lock on your smartphone to ensure no one can access it in your absence.
- Ensure all your computers and smartphones are password protected. Use strong passwords that are difficult to crack, and above all, don’t use passwords that are easy to guess (like your birthday or name).
- Ensure your main computer account is not at an administrator or root level. If a hacker gets in, this will limit what they can do to your system since they won’t have administrator privileges.
- Change the default username and password on your router. Changing the name will stop hackers being able to guess the device or network you’re using. Use WPA authentication to create a secure network.
- Use firewalls on any computers and on your router. Most routers have a firewall built into their hardware, but it must first be enabled by the user.
- If your existing router doesn’t offer you good security features, replace it with one that does.
- Use strong security software on your computers and smartphone to avoid installation of malware or infection by viruses. Get Kaspersky’s Anti-Virus software or go for the Total Security package that will provide an all-in-one cybersecurity solution for your smart home.
- Always run security patches and updates and keep your software up to date. Outdated software has vulnerabilities that are easy for hackers to exploit.
Even if you have followed all these home security tips, you’re still running a risk if you log on to public Wi-Fi with your laptop or phone. If you don’t need authentication to get into a network, neither do hackers. If you regularly use public Wi-Fi, learn how to use a Virtual Private Network (VPN) like Kaspersky’s VPN Secure Connection to protect your privacy and your smart home.
Once you’ve secured your networks to ensure that none of your IoT devices can access your personal data or control the network, your next step is to secure the individual devices.
- Change the default passwords. Leaving a default password on a device enables anyone who owns the same device to gain access. That’s almost as bad as having no password at all.
- Changing the passwords every six months can significantly increase your security.
- If you have voice activated devices such as smart speakers, change the alert word from “OK Google” or “Hey Alexa” to something only you and your family know. That way, an intruder won’t be able to use your system.
- Before you buy a new device, make sure you have adequate information about its securityprotection. Find out whether the manufacturer provides regular firmware updates. Six months is a long time in the Internet of Things, and if you’re buying a device that will last a decade or more, you need to be sure you’ll be protected against emerging threats.
- Buy smart home devices from reputable suppliers like Samsung, LG, Google or Amazon.
- Remember to keep the devices updated, either using automatic updates or doing so manually. This might involve checking the manufacturer’s website to get updates and then linking the device to a computer to update it. Hackers are always coming up with new ways to compromise IoT devices. Security patches will protect you against those new threats.
- Consider which devices really need to be connected. If you don’t use the connected functionalities of your coffee maker or oven, use the device offline.
- Turn off Universal Plug & Play (UPnP). Most smart devices have this feature, which enables them to find other smart devices and connect to them automatically. However, UPnP protocols are vulnerable to outside attack, allowing a criminal to gain control of multiple devices once a single device has been hacked.
- Check the permissions for apps running on your devices. Anything that asks for permission to edit your router’s settings is a potential security threat.
- Be wary of cloud storage for devices. Since it requires a cloud connection for upload and download, outsiders could hack into that connection and gain access to your network. If you want to use cloud technology, ensure you understand the right measures to take to secure your data and privacy.
Remember that every added device is an added opportunity for unwelcome visitors to get into your network. It’s up to you to decide for each gadget whether the increased convenience or functionality that it offers you is worth the increase in risk.
The security advantages of a smart home
Although the smart home has some security challenges, it can also create opportunities to make your house more secure. While most devices aim to make your life easier, some can also provide smart home security and protection.
For instance, having a remotely controlled locking system can ensure you never need to copy keys or leave a spare key under the doormat. This can help you manage access not just for family members, but also for trusted services, such as domestic cleaners or house sitters. Checking whether doors and windows are locked becomes easier when physical inspection is no longer required, and you can simply ask your control device.
When you’re not at home, security can be enhanced by being able to turn lights and hifi on and off remotely. This can give outsiders the impression that you are home, even when you’re away for a weekend or working late. Remote access to security cameras can enable you to spot potential issues, such as packages left in plain sight on your doorstep or gates that have been left open.
However, you’ll only get these advantages if you have already secured your smart home network and made sure it can’t be hacked.
The future of IoT smart homes
New products are being created all the time to bring the power of the internet to home gadgets and systems. By the end of 2021, 25 billion IoT smart devices could be in use, including smart light bulbs, air quality monitors, doorbells, washing machines, and fridges. Your IoT home will have the potential to deliver incredible control, but it’s up to you to make sure it delivers smart home security too.
Read the full article, click here.