Categories
Device

How to protect your smarthome from attack

@canterrain
Updated Nov 9, 2020, 1:41 pm EST | 5 min read

Every new device you introduce into your smarthome is another device that can be attacked. You can secure your smarthome with simple steps like locking down your router and taking proper care of the gadgets in your smarthome.

Start with Your Router

Most smarthome devices require access to the internet to work correctly. While not all devices connect directly to the internet (like z-wave bulbs), those that don’t typically connect to a hub or other device to gain internet access. So in many ways, the single most significant point of vulnerability is your router.

And securing your router should be your first step. You should change your default admin password used access the router. Update the router’s firmware if it’s out of date, and enable encryption. Always use a complicated password unique to your Wi-Fi router. With a standard (not-Mesh) router, you can accomplish all of this from the router’s web interface. All you need is to find your router’s IP address. Mesh routers, on the other hand, don’t have a web interface. You’ll make the changes from an app.

If your router’s manufacturer isn’t offering new firmware anymore, you should consider replacing it. While we usually say most people don’t need a Mesh router for their homes, smarthomes do benefit from them. You gain better coverage for all your Wi-Fi devices, and most Mesh routers automatically update the firmware and offer additional protection services as a subscription.

Use Unique Passwords for Every Device

Many smarthome devices require a password when you set them up. Usually, that involves downloading an app and creating a user account. In some cases, like Z-wave light bulbs, you’ll create a single account for a Hub to use with several devices.

Every device you create an account for should have a unique, complicated password. If you reuse passwords across services and smarthome devices, you run the risk of a single compromised unit leading to additional points of vulnerabilities across your home.

If you don’t already, consider using a password manager. Services like LastPass or Dashlane can help you create and keep track of long and complicated passwords. You might think password managers are only for saving website credentials, but you can save any kind of password in them. Additionally, you can store secure notes, files, bookmarks, and more in a password manager.

Turn on Two-Factor Authentication Wherever Available

Two-factor authentication is an extra layer of security beyond the simple password. With two-factor authentication, after you provide your password, you then give additional proof of identity. Typically that comes in the form of a code, either randomly generated by a phone app or sent to you through a text or phone call.

Unfortunately, offering two-factor authentication isn’t very common in smarthome devices, but that’s starting to change. Nest and Wyze both offer two-factor authentication now. Security cameras are the devices most likely to have two-factor authentication, and you should absolutely use it with them. As one couple found out, rather than try to break through your router, an attacker may have an easier time using stolen credentials to log into the accounts associated with your smarthome devices. Two-step authentication can help prevent that from happening.

Check the apps associated with your smart devices wherever possible turn it on. We recommend pairing two-factor authentication with an authenticator app, like Google Authenticator for iOS and Android.

Update Firmware on All Your Devices Regularly

Just like your router, you should update the firmware for all your smarthome devices regularly. Firmware is essentially the software built into your hardware—it determines the features and capabilities of your hardware. Manufacturers regularly find problems and patch them, and often add new features along the way.

Generally, you can update most smarthome devices through an app. That includes Z-wave and ZigBee gadgets you connect to a smart hub. You’ll check the smart hub’s app for those updates.

If the manufacturer no longer supports a smarthome device you have installed, you should replace it as soon as possible. If you aren’t sure, check the manufacturer’s website.

Buy Only From Reputable, Well-Known Companies

If you search Amazon for smart plugs, you’ll find dozens of options from dozens of manufacturers. Some you may have heard of, many will likely be entirely unfamiliar. It can be tempting to go with the cheapest option that promises the features you want, but you should investigate the company first.

Most smarthome device you introduce into your home communicate with servers in the cloud. The question is: “who owns those servers?” When you’re looking at a recently released product from an unknown manufacturer, there’s no way to know for sure where it communicates until someone tests it. Unless you’re a security researcher who enjoys the challenge, you probably shouldn’t be the guinea pig.

And besides that, the biggest problem with smarthomes is that your devices might stop working. The company can go under, disappear, or decide to move on to a newer product and end support.
Sticking with a large well-known company doesn’t guarantee that won’t happen, as seen when Lowe’s killed off Iris. But what you do get is a track record to examine. By looking over the company history, you can see how viable it is, and whether or not the company supports its products for mere months or years.

And with an established history, you can even see what a company handles failure. Wyze, the maker of some of the least expensive smarthome products you can ask for, ran into an issue where camera feed traffic went through servers in China. The company explained what happened, why it happened, and how it was going to fix it.

You may not like that it happened at all, but at least you know so you can make an informed decision on whether or not to buy the product, and that’s the point. If you found a product from a new manufacturer, try to find reviews from multiple sites. If all you can find is Amazon reviews, check Fakespot to see if the reviews are real. Try to find any history you can before making the purchase. If you can’t find established history and real reviews, skip the gadget.

Don’t Access Your Smarthome from Public Wi-Fi

Just like you shouldn’t check your bank account from public Wi-Fi, avoid accessing your smarthome from public Wi-Fi. Even if you’re certain you are a legitimate Wi-Fi network, you’re potentially exposing the devices in your home to anyone listening in. It’s best not to do anything sensitive on public Wi-Fi networks.

If you need remote access to your home, either use a device with LTE (like your phone) or consider setting up a personal Virtual Private Network (VPN) to connect safely.

Every new device you introduce into your smarthome is another device that can be attacked. You can secure your smarthome with simple steps like locking down your router and taking proper care of the gadgets in your smarthome.

Start with Your Router

Most smarthome devices require access to the internet to work correctly. While not all devices connect directly to the internet (like z-wave bulbs), those that don’t typically connect to a hub or other device to gain internet access. So in many ways, the single most significant point of vulnerability is your router.

And securing your router should be your first step. You should change your default admin password used access the router. Update the router’s firmware if it’s out of date, and enable encryption. Always use a complicated password unique to your Wi-Fi router. With a standard (not-Mesh) router, you can accomplish all of this from the router’s web interface. All you need is to find your router’s IP address. Mesh routers, on the other hand, don’t have a web interface. You’ll make the changes from an app.

If your router’s manufacturer isn’t offering new firmware anymore, you should consider replacing it. While we usually say most people don’t need a Mesh router for their homes, smarthomes do benefit from them. You gain better coverage for all your Wi-Fi devices, and most Mesh routers automatically update the firmware and offer additional protection services as a subscription.

Use Unique Passwords for Every Device

Many smarthome devices require a password when you set them up. Usually, that involves downloading an app and creating a user account. In some cases, like Z-wave light bulbs, you’ll create a single account for a Hub to use with several devices.

Every device you create an account for should have a unique, complicated password. If you reuse passwords across services and smarthome devices, you run the risk of a single compromised unit leading to additional points of vulnerabilities across your home.

If you don’t already, consider using a password manager. Services like LastPass or Dashlane can help you create and keep track of long and complicated passwords. You might think password managers are only for saving website credentials, but you can save any kind of password in them. Additionally, you can store secure notes, files, bookmarks, and more in a password manager.

Turn on Two-Factor Authentication Wherever Available

Two-factor authentication is an extra layer of security beyond the simple password. With two-factor authentication, after you provide your password, you then give additional proof of identity. Typically that comes in the form of a code, either randomly generated by a phone app or sent to you through a text or phone call.

Unfortunately, offering two-factor authentication isn’t very common in smarthome devices, but that’s starting to change. Nest and Wyze both offer two-factor authentication now. Security cameras are the devices most likely to have two-factor authentication, and you should absolutely use it with them. As one couple found out, rather than try to break through your router, an attacker may have an easier time using stolen credentials to log into the accounts associated with your smarthome devices. Two-step authentication can help prevent that from happening.

Check the apps associated with your smart devices wherever possible turn it on. We recommend pairing two-factor authentication with an authenticator app, like Google Authenticator for iOS and Android.

Update Firmware on All Your Devices Regularly

Just like your router, you should update the firmware for all your smarthome devices regularly. Firmware is essentially the software built into your hardware—it determines the features and capabilities of your hardware. Manufacturers regularly find problems and patch them, and often add new features along the way.

Generally, you can update most smarthome devices through an app. That includes Z-wave and ZigBee gadgets you connect to a smart hub. You’ll check the smart hub’s app for those updates.

If the manufacturer no longer supports a smarthome device you have installed, you should replace it as soon as possible. If you aren’t sure, check the manufacturer’s website.

Buy Only From Reputable, Well-Known Companies

If you search Amazon for smart plugs, you’ll find dozens of options from dozens of manufacturers. Some you may have heard of, many will likely be entirely unfamiliar. It can be tempting to go with the cheapest option that promises the features you want, but you should investigate the company first.

Most smarthome device you introduce into your home communicate with servers in the cloud. The question is: “who owns those servers?” When you’re looking at a recently released product from an unknown manufacturer, there’s no way to know for sure where it communicates until someone tests it. Unless you’re a security researcher who enjoys the challenge, you probably shouldn’t be the guinea pig.

And besides that, the biggest problem with smarthomes is that your devices might stop working. The company can go under, disappear, or decide to move on to a newer product and end support.
Sticking with a large well-known company doesn’t guarantee that won’t happen, as seen when Lowe’s killed off Iris. But what you do get is a track record to examine. By looking over the company history, you can see how viable it is, and whether or not the company supports its products for mere months or years.

And with an established history, you can even see what a company handles failure. Wyze, the maker of some of the least expensive smarthome products you can ask for, ran into an issue where camera feed traffic went through servers in China. The company explained what happened, why it happened, and how it was going to fix it.

You may not like that it happened at all, but at least you know so you can make an informed decision on whether or not to buy the product, and that’s the point. If you found a product from a new manufacturer, try to find reviews from multiple sites. If all you can find is Amazon reviews, check Fakespot to see if the reviews are real. Try to find any history you can before making the purchase. If you can’t find established history and real reviews, skip the gadget.

Don’t Access Your Smarthome from Public Wi-Fi

Just like you shouldn’t check your bank account from public Wi-Fi, avoid accessing your smarthome from public Wi-Fi. Even if you’re certain you are a legitimate Wi-Fi network, you’re potentially exposing the devices in your home to anyone listening in. It’s best not to do anything sensitive on public Wi-Fi networks.

If you need remote access to your home, either use a device with LTE (like your phone) or consider setting up a personal Virtual Private Network (VPN) to connect safely.

Every new device you introduce into your smarthome is another device that can be attacked. You can secure your smarthome with simple steps like locking down your router and taking proper care of the gadgets in your smarthome.

Start with Your Router

Most smarthome devices require access to the internet to work correctly. While not all devices connect directly to the internet (like z-wave bulbs), those that don’t typically connect to a hub or other device to gain internet access. So in many ways, the single most significant point of vulnerability is your router.

And securing your router should be your first step. You should change your default admin password used access the router. Update the router’s firmware if it’s out of date, and enable encryption. Always use a complicated password unique to your Wi-Fi router. With a standard (not-Mesh) router, you can accomplish all of this from the router’s web interface. All you need is to find your router’s IP address. Mesh routers, on the other hand, don’t have a web interface. You’ll make the changes from an app.

If your router’s manufacturer isn’t offering new firmware anymore, you should consider replacing it. While we usually say most people don’t need a Mesh router for their homes, smarthomes do benefit from them. You gain better coverage for all your Wi-Fi devices, and most Mesh routers automatically update the firmware and offer additional protection services as a subscription.

Use Unique Passwords for Every Device

Many smarthome devices require a password when you set them up. Usually, that involves downloading an app and creating a user account. In some cases, like Z-wave light bulbs, you’ll create a single account for a Hub to use with several devices.

Every device you create an account for should have a unique, complicated password. If you reuse passwords across services and smarthome devices, you run the risk of a single compromised unit leading to additional points of vulnerabilities across your home.

If you don’t already, consider using a password manager. Services like LastPass or Dashlane can help you create and keep track of long and complicated passwords. You might think password managers are only for saving website credentials, but you can save any kind of password in them. Additionally, you can store secure notes, files, bookmarks, and more in a password manager.

Turn on Two-Factor Authentication Wherever Available

Two-factor authentication is an extra layer of security beyond the simple password. With two-factor authentication, after you provide your password, you then give additional proof of identity. Typically that comes in the form of a code, either randomly generated by a phone app or sent to you through a text or phone call.

Unfortunately, offering two-factor authentication isn’t very common in smarthome devices, but that’s starting to change. Nest and Wyze both offer two-factor authentication now. Security cameras are the devices most likely to have two-factor authentication, and you should absolutely use it with them. As one couple found out, rather than try to break through your router, an attacker may have an easier time using stolen credentials to log into the accounts associated with your smarthome devices. Two-step authentication can help prevent that from happening.

Check the apps associated with your smart devices wherever possible turn it on. We recommend pairing two-factor authentication with an authenticator app, like Google Authenticator for iOS and Android.

Update Firmware on All Your Devices Regularly

Just like your router, you should update the firmware for all your smarthome devices regularly. Firmware is essentially the software built into your hardware—it determines the features and capabilities of your hardware. Manufacturers regularly find problems and patch them, and often add new features along the way.

Generally, you can update most smarthome devices through an app. That includes Z-wave and ZigBee gadgets you connect to a smart hub. You’ll check the smart hub’s app for those updates.

If the manufacturer no longer supports a smarthome device you have installed, you should replace it as soon as possible. If you aren’t sure, check the manufacturer’s website.

Buy Only From Reputable, Well-Known Companies

If you search Amazon for smart plugs, you’ll find dozens of options from dozens of manufacturers. Some you may have heard of, many will likely be entirely unfamiliar. It can be tempting to go with the cheapest option that promises the features you want, but you should investigate the company first.

Most smarthome device you introduce into your home communicate with servers in the cloud. The question is: “who owns those servers?” When you’re looking at a recently released product from an unknown manufacturer, there’s no way to know for sure where it communicates until someone tests it. Unless you’re a security researcher who enjoys the challenge, you probably shouldn’t be the guinea pig.

And besides that, the biggest problem with smarthomes is that your devices might stop working. The company can go under, disappear, or decide to move on to a newer product and end support.
Sticking with a large well-known company doesn’t guarantee that won’t happen, as seen when Lowe’s killed off Iris. But what you do get is a track record to examine. By looking over the company history, you can see how viable it is, and whether or not the company supports its products for mere months or years.

And with an established history, you can even see what a company handles failure. Wyze, the maker of some of the least expensive smarthome products you can ask for, ran into an issue where camera feed traffic went through servers in China. The company explained what happened, why it happened, and how it was going to fix it.

You may not like that it happened at all, but at least you know so you can make an informed decision on whether or not to buy the product, and that’s the point. If you found a product from a new manufacturer, try to find reviews from multiple sites. If all you can find is Amazon reviews, check Fakespot to see if the reviews are real. Try to find any history you can before making the purchase. If you can’t find established history and real reviews, skip the gadget.

Don’t Access Your Smarthome from Public Wi-Fi

Just like you shouldn’t check your bank account from public Wi-Fi, avoid accessing your smarthome from public Wi-Fi. Even if you’re certain you are a legitimate Wi-Fi network, you’re potentially exposing the devices in your home to anyone listening in. It’s best not to do anything sensitive on public Wi-Fi networks.

If you need remote access to your home, either use a device with LTE (like your phone) or consider setting up a personal Virtual Private Network (VPN) to connect safely.

How to protect your smarthome from attack

Generally, smart home device users are a satisfied bunch, but that doesn’t mean their gadgets are without security risks.

In the past a burglar could smash a window or force a door open to invade your home. Now they have force multipliers in the form of online apps and portals which control the smart home gadgets.

With so many hacking communities on the Dark Web, it is relatively easy for online burglars to acquire the skills to launch cyber attacks.

How to protect your smarthome from attack

Free Hacks, one of the popular Dark Web hacking communities

How Bad Is the Problem?

The truth is we don’t really understand the extent of the risks involved. It is safe to assume that for every smart home gadget out there, some miscreants are busy discovering its Achilles heel in security.

Let us examine worst case scenarios to understand how bad it can get. In the past, the Mirai botnet and Dyn attacks not only took down smart devices but also crippled the Internet for a while.

According to the latest Kaspersky report, Mirai has now become more predatory because it alone is responsible for 21 percent of all IoT attacks. There is a new set of attack vectors for routers, cameras, digital signage systems. and access gateways.

Then there is the problem of attempted logins and a lack of encryption in smartphone IoT apps. Not all hacking attempts are malicious, though. Sometimes the kids only want to mess around, for example by supplying fake images to video doorbells.

How to protect your smarthome from attack

Overall, the smart home security problem is very serious, to say the least. Should that then put you off any purchase of smart home devices? This myth-buster will explain that.

You can protect the smart home in the following ways.

1. Secure Your Perimeter – and the Rest Will Follow

While there is no antivirus to safeguard all connected devices, sealing routers and Internet gateways is a necessary first step. As a must, you should update MAC addresses from numeric values (34:45:12:22:18 ) to names (“Fridge1,” “TV2”).

WPA3 routers are one of the finest security standards for next-generation smart devices. This is because they support open Wi-Fi encryption, which means no packet sniffers, spoofing or man-in-the-middle attacks.

Currently, very few routers (approximately only 144) support WPA3 encryption, but it does include leading names such as NetGear, Linksys and Cisco. If you get yourself one, the cryptographic strength of your network is impenetrable.

How to protect your smarthome from attack

List of routers on Wi-Fi alliance website which supports WPA3

It is always helpful to separate your guest network from the one you use to connect with smart devices. This could mean two separate Wi-Fi connections in the home.

2. Check the Settings for Your Devices

You may have to invest in a smart home network security system such as Avira Safethings or Google Nest Secure. This helps you gain a bird’s eye view of all smart gadgets from one single window.

As some of your gadgets will run on Bluetooth or LoRaWAN, a solution like this is real handy. It is just like creating your own inventory of IoT gadgets.

How to protect your smarthome from attack

Always change the default passwords for all shipped devices in clear text format. In one case Google intruded into the homes of Nest Camera owners asking them to update the passwords.

It is very important to have strong unique passwords for individual devices. Without that you expose yourself to the manufacturer’s vulnerability or some loophole in the smartphone apps.

3. Use Multi-Factor Authentication

In the era of IoT security stakes, just a one-time code received by the phone may not be enough. An extra security step for the most precious device might include face or voice recognition.

How to protect your smarthome from attack

Multi-factor authentication as per NIST guidelines

By default, most smart devices can enable some degree of multi-factor authentication. While it might be time-consuming at first, you only have to authorize the triple settings once.

4. People – the Weakest Link

Of course, no man (or woman) is an island. We all share our homes with our loved ones. While it is not a good idea to dictate your rules on those you share your homes with, you should protect your home by keeping track of intrusions.

This means doing regular audits to assess the vulnerability of your smart home. For example, if your children bring home friends whose faces are registered in the smart door entry system, it leaves loopholes.

Simply update and delete the imprints on the devices which can cause vulnerabilities. For this you have to draw a clear distinction between home dwellers and outsiders. As long as you make provisions so that guests cannot breach their privileges, you are safe.

How to protect your smarthome from attack

In Conclusion

Smart home objects, like any other complex things in life, require a responsible purchase. Just as you don’t drive a car without insurance or regular servicing, you don’t set up a smart home without knowing how to secure it.

What steps have you taken to ensure security in your budding smart home? Do let us know in the comments.

This post was originally published on September 6, 2016 and has been updated for accuracy and comprehensiveness.

Did you know 127 new Internet of Things (IoT) devices connect to the Internet every second? That’s over 10 million devices each day.

However, with increased connectivity and convenience, many homeowners overlook the security risks associated with IoT devices.

Below, we provide an example of real-life smart home cyber attacks and outline security trends that teach homeowners the importance of protecting their homes.

Cyber Attacks on Smart Homes

Hacking can be easy when homeowners lack basic system security.

In fact, new research reveals how cyber criminals can hack a smart lock and easily gain entry to the home. According to the report, researchers learned they could extract a private key from the memory card on the device, making it possible for anyone to access the locks without needing a password.

In another instance, an Illinois couple heard a strange voice coming from their seven-month-old son’s bedroom. When the father went to investigate, he discovered someone had hacked into one of the family’s home security cameras and was talking to their child. The camera manufacturer insisted that the system was not breached and highlighted the importance of constantly updating devices.

How to Better Protect Your Home

Smart homes give cyber criminals another vital entry point into our daily lives—one that many homeowners don’t fully understand.

Hackers look for preventable flaws in automation systems, such as unsecured networks and outdated software. The cyber attack on the Illinois family detailed above is a prime example of three of the simple ways smart homeowners can improve system security:

  • Change default passwords. Limit network and system access to authorized users.
  • Keep all smart devices up to date with the latest software. Mitigate the risk of a cyber attack by downloading any patches as they become available.
  • Work with a trusted security provider. Ensure your home is properly equipped with the latest software for the best protection of your family.

As technology continues to advance at a rapid pace, homeowners cannot afford to leave their homes unprotected from digital threats. Any device that is connected through the IoT is susceptible to cyber attacks. Stay up to date on all security trends and subscribe to our blog for more tips and best practices for protecting your smart home.

Brought to you by

As our connected devices and household appliances increasingly talk to each other, how do we keep our homes safe from hackers?

May 21 2017, 12:01am

How to protect your smarthome from attack

It’s May 2020 and you get a call from your bank saying that there have been a number of suspicious transactions on your account. The fraudsters had all your details, so they looked legitimate. By the time the transactions were flagged up as suspicious, the fraudsters had taken £1,000.

You’re baffled. You take cyber security seriously and always keep the software on your laptop, tablet and phone up to date. You are careful with passwords and never click on suspicious emails. But then a security expert at the bank asks, “What about your lightbulbs?”

You laugh, but he’s not joking. Yours is a high-tech home. Your lightbulbs are connected to the internet via wifi. This connection is not particularly secure and it’s possible that the hackers have used wifi to get into your lightbulbs. Or perhaps it was the coffee machine, the smart thermostat, the intelligent fridge or even your car. The point is, once they had found a chink in your home’s armour, they could access your home hub. After that, your house was their house.

This is happening now. Two months ago leaked documents apparently showed that devices such as smart TVs could be used to spy on their owners. And last month, the University of Canberra’s Nigel Phair warned that smart meters were at risk.

The internet of things (IoT) is technology’s next great act. It’s where the internet moves beyond traditional computing devices such as phones and laptops and embraces everyday objects and devices such as cars, toasters, thermostats and so on. The most popular example is the intelligent fridge that orders milk online when it notices that you’re low.

Of course, the internet of things will bring enormous benefits. Your connected car will know exactly when it needs a service – and why. Your thermostat will learn how you like your home and
work out the cheapest way to deliver this. Networked security systems will enable you to monitor your home from your phone. The IoT promises a brave new world where intelligent devices fit around you and your needs.

It will also include everything from medical monitors used in hospitals to sensors which operate road tolls. According to the IT consultancy Gartner, there are 8.4 billion connected things already – an increase of
2 billion on the previous year. By 2020, there will be more than 20 billion. The majority of these will be consumer devices.

For hackers, this means billions of potential new entry points. A 2016 report by the security company ForeScout listed devices from fridges to phones to energy meters as potential weak points. As with so much fraud, these devices may not appear much of a risk. But they mean that potential hackers can gain access to information that will allow them access to the next level.

In case you imagine that this is all years away, in 2015, in a controlled experiment, a pair of hackers in the United States showed that it was possible to compromise a vehicle. While the car was travelling at 70mph, they took control of it, turned the steering wheel and applied the brakes. The systems these hackers exploited are in hundreds of thousands of vehicles already.

In 2016, Blackberry employees proved that taking control of a connected coffee machine was child’s play. The coffee machine could be the gateway to the entire house.

In the real world, vast networks of compromised devices such as security cameras and home routers have already been turned into “bots” that can be used to bring down systems in coordinated attacks. Security firms regularly report viruses that target IoT devices. As viruses love big networks, the internet of things is a huge new opportunity for them.

What makes this even more worrying is the rate at which the total volume of consumer data held by organisations is growing. According to the research firm IDC, by 2020 the total amount of data in the digital world will be 44 zettabytes, or 44 trillion gigabytes. A big part of the reason for this growth is the internet of things. Governments and blocs such as the EU have begun formulating security guidelines but, in technological matters, regulations nearly always lag behind reality.

Like the original internet, there will almost certainly be a lot of learning as we go. You can help reduce risks now by asking the people who sell IoT devices what precautions you should take. Speak to the organisations you deal with regularly. Apply the safety rules that you always use online. And if in doubt, don’t connect it.

The internet of things may be the next big thing for consumers, but it could also be the next big thing for cyber-criminals.

Make sure your fridge isn’t spying on you

Smart home devices fall in a strange gray area between computers and home appliances. No one thinks of cybersecurity when they look at their coffee pot, but in this brave new world it might be time to consider the security of your home Wi-Fi network while you brew your morning cup of joe.

It seems like more reports crop up each day about new ways of breaking into once-secure networks, like this one from the New York Times about using a laser to hack a voice assistant.

How to protect your smarthome from attack

Hackers are creative, and they only become more so with time, but you don’t need to rid your home of smart devices. There are steps you can take to protect your smart home from hackers.

Use Multi-Factor Authentication

Gone are the days when a single password was enough to keep your network secure. A single password, no matter how complex and secure, is rarely sufficient to keep your information safe.

How to protect your smarthome from attack

By implementing multi-factor authentication on all of your accounts, you add an additional layer of security that is much more difficult to break through. While it might add a few seconds into your log-in as you check your phone for the code, it’s far better than finding out your accounts have been compromised after the fact.

If an account offers the option to use a randomized authenticator, take advantage of it. Randomized authentication codes are even more secure than multi-factor authentication. The downside is that their availability tends to be limited to high-end accounts, like a business login.

Keep Devices Out Of Public Sight

How to protect your smarthome from attack

The idea of a hacker using a laser to break into a smart device sounds a bit ridiculous, but it’s been proven effective. Smart devices can register light in the same way they register sound waves, which can give an intelligent hacker an easy way to break into a network.

While the average home isn’t likely to be targeted by such a sophisticated method, it is still smart to keep devices out of view from the exterior of your home. After all, smart home devices are expensive and might prove a tempting target for ne’er-do-wells.

Keep Your Devices Up To Date

Manufacturers regularly push out updates to safeguard devices against newly-discovered vulnerabilities. It’s one of the reasons why software updates to operating systems come highly recommended; a new update patches any exploits or backdoors that could be used to access the system with proper authorization.

How to protect your smarthome from attack

While many smart home devices use apps that will update automatically, firmware updates sometimes have to be performed manually. Keep an eye on your devices for any recent updates and make sure they are installed.

You should also keep an eye on the permissions that various apps ask for. Apps can ask for a wide range of permissions, but typically it is related to a few things: microphone access, sometimes camera access, and any relevant permissions it needs to perform its task.

If a particular permission seems out of place or unnecessary, research it. Do not give permission just because an app requests it; find out why it needs that access in the first place.

Stick With Trustworthy Brands

The smart home industry has exploded. While that is great news for the industry itself (and for consumers, since competition results in lower prices and better deals), make sure you trust the manufacturer.

How to protect your smarthome from attack

If the product comes from a brand you’ve never heard of, take the time to find out whether that brand is trustworthy. If it doesn’t have a stellar reputation or other users have reported security issues, it’s a good idea to pass on that particular device.

Companies like Philips Hue, Samsung, and August all have established themselves as market leaders due to the quality of their devices and the amount of security protocols in place to protect users. Mainstream companies care about their bottom line, and they know that any massive security breaches will hurt that.

These companies also have the ability to pour money into better security practices that will ultimately help protect your smart home from hackers.

Do Not Use The Same Password & Username For Each Device

When you have a lot of different smart home devices, it’s easy to use the same username and password across them all. After all, it’s hard to remember a lot of different passwords—but no matter how much trouble it might be, use a different password and username for all of your devices.

How to protect your smarthome from attack

Otherwise, if a hacker figures out the login credentials for just a single device they can take that information and use it to access other devices on the same network.

With that in mind, make sure your email address has all of these security protocols in place. Use two-factor authentication, a strong password, and whatever else you can to protect it.

Many smart home devices are accessed through your email account, which would allow a hacker to request password resets if he or she ever gained access. Take the proper steps to protect your email just like you would any device on your network.

Patrick is an Atlanta-based technology writer with a background in programming and smart home technology. When he isn’t writing, nose to the grindstone, he can be found keeping up with the latest developments in the tech world and upping his coffee game. Read Patrick’s Full Bio

Although smart homes have made daily life easier, they also pose some serious risks for your security. By following these tips, you can protect your smart home and keep hackers out of your security and property.

How to protect your smarthome from attack

These days, most people have at least some smart home gadgets in their house. Some professionals are also starting to fill up their offices with internet-connected devices. While these products can offer us lots of time and stress savings, not to mention be fun to use, they do have some potential risks we need to be aware of.

For example, with hackers noting how many millions of people now have smart home gear in their property, more and more are taking to targeting these devices to break into systems and homes. To protect yourself from this, it’s important to take steps to stay safe. Read on for some simple yet effective ways you can keep hackers at bay today.

1. Buy Quality Brands When Shopping for Products

Firstly, you can work to protect yourself right at the time you initially buy your smart home products. When comparing options, it pays to look at trusted brands, as these typically have a bigger focus on security and can therefore be less hackable than products produced by other manufacturers.

Big names that have been around for many years tend to have more resources to put into security measures in the design and manufacturing phases, as well as more concern for their businesses if issues do occur, which increases their vigilance.

2. Change the ID Settings on Your Devices

Once you’ve bought your devices, you also need to update the ID settings, which come already set up on them. Most manufacturers ship out their products with default usernames and passwords and then provide guidelines for changing these details in their instruction manuals. However, many people don’t bother running these updates, a fact which hackers take advantage of.

Cybercriminals realize many people won’t take the time to change settings, and hackers can simply look up default credentials on forums or manufacturer websites or other public spaces. From there, they can conduct scans in your area and see the ID name of the manufacturer coming up on a list of nearby connected devices. When this happens, they’ll see you haven’t made any security updates and straight away know the password they need to input to gain access to the device. Avoid leaving yourself vulnerable to attacks like this by changing settings ASAP.

3. Protect Your Wi-Fi

Another protective step to take is stopping hackers from accessing your wireless internet. Since smart gadgets are connected to the internet all the time, cybercriminals realize they have a way of getting into devices through your Wi-Fi. Keep them at bay by password-protecting your connection, so no one in the area can simply step into your network.

Anyone who wants to use your internet should have to input a password to access the service. This code needs to be a good one, too. It should be at least eight characters in length and made up of a variety of characters, such as numbers, symbols, and letters (both upper-case and lower-case). Don’t use details you’ve shared publicly online as the basis for your codes, either. For example, avoid pet or children’s names, addresses, birthdates, and the like.

4. Use Security Software

Next, install security software onto your computers, tablets, and smartphones—any devices you use to control your smart home products. You need to protect these gadgets from hackers so they can’t break into them and from there, get access to your smart home devices.

Choose quality software that covers against a wide variety of threats. For example, you’ll want protection against ransomware, spam, and malware, as well as something that incorporates virus and spyware removal if you do get stung by an attack. Adding firewalls also helps, as these add another layer of security.

5. Keep Everything Up to Date

Another way to go the extra mile to protect yourself and your family is to ensure you regularly update the software, firmware, and drivers on your various internet-connected gadgets. Unfortunately, most smart home products won’t actually update themselves automatically, so you need to set reminders to check for, and run, updates yourself. Do this monthly, via the smartphone app you use to control your devices or other methods depending on manufacturer instructions.

Even if you have just-purchased items, do a quick check to see if any updates are available for them. While you might think this isn’t necessary since they’re new, remember that they’re only new to you; they might have been sitting in the store or another warehouse for many months, or even years, first. In that time, numerous updates may have become available.

How to protect your smarthome from attack

Equipping your own four walls with smart devices carries many advantages. Your shutters lower automatically as soon as the weather sensor detects sunshine. Soft music emerges from your speakers to help you wake up in the morning. Control your blinds, lights and floor heating with a single switch. However, connecting to the Internet also makes you and your smart home system vulnerable. If you don’t invest enough time and effort into security, your home will quickly become a digital target. For a safe smart home, it’s essential that you know the following tips and follow some basic rules.

How to protect your smarthome from attack

placeholder

Customise your voice assistant

A voice assistant, as found in your smart speaker or phone, can make your life easier. But only if you set it up correctly. If you leave the default settings untouched, you’ll be in trouble soon enough. Unauthorized users can then gain access to your smart home and the devices in the system. An important point is the voice profile. Make sure you create a profile for your own voice right off the bat. This way, the smart speaker can only be used by you. If you don’t live alone, you can also create profiles for your roommates and give them the permissions you want.

Check regularly for updates

Security is never eternal, it’s always temporary. Even an analogue U-lock, which was previously unbreakable, can be opened using new methods. The same applies to digital security. Hard and software is only protected if it’s up-to-date. Services and devices that have an Internet connection must always be up to date. this way the network doesn’t become a weak point ripe for exploitation. If possible, set your preferences so that devices update themselves automatically. Otherwise, you should regularly check for available updates yourself. In today’s fast-paced technological world, doing this every day is best.

Digital devices are insured too

Cars and holidays can both be insured. So why not do the same with your digital assets? You can do almost everything from your smartphone these days: phone calls, messages, business emails and banking. Imagine what would happen if your phone fell into the wrong hands. Since almost every smart home runs on the mobile network, you’re vulnerable there as well. For some time now, insurance companies have been offering solutions that protect your online belongings. No matter whether your private cameras at home get hacked, your windows aren’t closed in the event of an impending storm due to a malfunction, or your credit card data is passed on to a third party via the smart home network: cyber insurance or an appropriate clause in addition to your existing insurance protects you in such cases.

A strong password is key

Using the same e-mail address and password everywhere is easier to remember. It’s even easier – for example with routers – to keep the default Wi-Fi password. This makes breaking into them a breeze, however. Follow these points to secure your smart home access:

  • Always change the user name and default password after purchasing a new device.
  • Each router has a password to access its menu. It needs to be changed too.
  • If an e-mail address is required, use a different one than the one you have for Facebook, news pages and online shops. If necessary, create a new address with a free provider.
  • Choose a complex password: no names, no animals, no terms. Choose a random sequence of upper and lower case letters, numbers and special characters – the more characters, the better.
  • Even if you have to remember several passwords, it makes sense to choose a different one for each smart home application. You can use a password manager that manages all your passwords and is protected by a master password.
  • Don’t store your computer and phone passwords in browsers or apps, but in a password manager.
  • If you control your smart home via mobile, unlock it via fingerprint, face or retina scan. Also activate remote deletion of all data.

Wireless isn’t always easier

What’s so good about radio waves and wireless signals? Well, you can receive them relatively easily almost anywhere – from the cellar to the roof. Either directly or otherwise with repeaters. But this also carries a serious problem: with Wi-Fi, for example, only one password protects you from someone else gaining access to your network. Never blindly trust radio-controlled technology when it comes to your smart home system. Always clarify whether the corresponding products are also available as cable-based solutions. It’s not always possible, but more often than you think. For example, cyber criminals must first physically enter the network in order to cause greater damage. This is much more complex than hacking into a wireless smart home network.

Multiple networks offer more security

A smart home system with all devices running on the same wireless network can be compared to a safe with a door on each side. If you get through one of the doors, you’re in and can get anything you want. You can also open all other doors from the inside to clear out the contents more quickly. To prevent this from happening to your smart home, configure your Wi-Fi router to generate several signals that are independent of each other. Most modern routers can do this. If this isn’t the case, time for a new device. So-called guest access doesn’t just give friends and visitors access to your Internet connection. It also protects your own network. This is because guest Wi-Fi can merge individual gadgets in your smart home that don’t use the same connection. An additional safeguard in case one of the networks is hacked.

Do you know of any other mistakes that should be avoided around a smart home? Or do you know of other security gaps that make a digital home vulnerable? Let me know in the comments. If you don’t want to miss any more smart home articles, follow me by clicking the «Follow author» button on the author profile.