< Back to Blog

Are Hackers Haunting Your Smart Home?

Oct 29,2017 | Posted by Yossi Atias - GM IoT Security

 

The call is coming from inside the house...no, it's not just a horror movie trope. There's a scary truth to home invasion, but it's not a masked villain you should be watching out for. Instead, connected devices are making digital home invasion a real life nightmare. Hackers can perform an attack through the backdoor of millions of connected devices within your home - whether it's a light bulb, fridge or baby monitor. Utilizing rapidly emerging Internet of Things (IoT) technology, hackers can control vast amounts of hardware to send out malicious attacks without ever stepping foot in your home.

Gartner analysts forecast that 2017 would see 8.4 billion connected things in use worldwide, with the consumer segment being the largest user of connected things. This massive boom in the sheer number of devices also brings with it something scary -- as in the speed to create them, the vast majority of them are also inherently lack security - leaving your data and even your physical home wide open to hackers. Each device is a tiny doorway inviting hackers to come inside, and many consumers are unaware of the magnitude of the threat.
All IoT devices are connected to a network, it's what makes them so "magical." However, as more types of devices are assigned to Internet Protocol (IP) addresses, it becomes even more important to stick to security basics. With National Cyber Security Month upon us, it's even more important to pull back the mask and reveal the true villains who happen to normal, average people. So, in honor of this month's campaign, here are three ways to fend off the boogie men looking to invade your smart home:
Warning: WiFi Connection Unsecured

Not even the heart of the connected home is safe. As far back as 2001, researchersuncovered flaws in Wired Equivalent Privacy (WEP). Despite its weaknesses, WEP is still widely used. This layer of protection is easier to add than consumers might think: just secure your wireless network. Make sure it is protected by the Protected Access II (WPA2) protocol and a strong, complex password.

Update, Update, Update

Using unsecured WiFi at home isn't the only way you're compromising your device security; software updates also have a big role to play in keeping tech running smoothly. Sadly, your "connected espresso machine" or "smart doorbell" might not be able to tell you when it's ready for an update. For one, these devices lack a screen like that of your smartphone. Many don't update automatically and need a little help. I recommend manually checking your device for an update at least once a month, either through the associated mobile app or website.

Updates allow companies to send over the air patches for security flaws as soon as they are found - keeping you safer. For example, with the most recent KRACK WiFi vulnerability, many vendors immediately worked on releasing patches to protect devices. Staying on top of device updates can help to steer clear of attacks. So, if updates are available, instead of leaving them in settings purgatory, allow it to run its course and keep you safer.

Protect the Perimeter

There's little use in wearing garlic if you plan on inviting the vampire inside anyways. The best action you can take to protect your devices is to protect the area around them in addition to the above simple fixes. Firewalls can help to block access to devices with unpatched vulnerabilities. A Virtual Private Network (VPN) can add a layer of security and privacy to your home network. The best option is a smart home protection deviceto enhance your home security. What was once a complicated IT technology domain has now become quite simple for the everyday consumer. These devices are able to alert you when a threat is detected and make it easier to manage smart home security needs across a range of different connected devices.

The year 2017 was proclaimed to be the year of the Smart Home. While there's still fragmentation within the industry, the "shiny new toy" factor is wearing off. Now we can finally see that the cute little Mogwai is just a bit of a gremlin. Consumers must secure the devices themselves as well as the computers and phones that control them. Unfortunately, we can't rely on manufacturers to provide this security for our devices. These devices are supposed to make our lives fantastically easy, but instead we must shift gears and protect our homes from the new, invisible intruder, and invest in a smart home security solution that will stop botnets like the Reaper in its shadows. I know it's hard to change our behaviour, but perhaps when securing our WiFi becomes as ubiquitous as locking our front doors, then maybe we'll no longer need a "National Cyber Security Month."

This blog post was originally published on Huffington Post on 27/10/2017