There is little these days that can’t be controlled from your smart phone or through a voice assistant. From heating and home security, to appliances, lighting and even connected electronic toothbrushes, the Internet of Things (IoT) has very much installed itself in our homes courtesy of an array of internet-enabled devices. All very convenient for the on-the-go lifestyles of today. But have we taken a moment to consider how cyber-secure this new smart home technology is?
According to security experts, not enough thought is being given to the security of the devices that control our homes. One such expert, Mikko Hypponen, chief research officer for Finland-based F-Secure, a digital security company, says that ‘if it’s smart, it’s also vulnerable’, warning that the more connectivity we furnish our lives with, the greater degree of vulnerability we create for ourselves.
What are the risks with IoT devices?
The main risk with smart home devices is that they can provide an in-road into home networks, allowing hackers to find their way into smartphones, computers and other devices. This in turn gets criminals a front row seat when it comes to viewing sensitive information, from credit cards details to all manner of account passwords.
Some of the weakest smart devices on a network are home appliances, such as fridge freezers and doorbell cameras. The big problem is that users rarely change the default password. This allows hackers to easily compromise a network, finding their way into other devices such as home computers and smartphones, opening malicious websites, launching spyware and creating spam emails, social posts and text messages. They can also suppress alarms, sensors and security cameras, rending properties at risk of intrusion.
What’s more, when voice assistants such as the Amazon Echo and Google Home are linked in to a smart home set-up, there is the added risk of attackers being able to open a door to a property, allowing intruders inside.
This problem has become so widespread that a surge in ransomware attacks has resulted. This is where hackers render devices inaccessible until the user gives in to their demand for a large sum of money. Remember Wannacry that brought NHS IT systems down in massive proportions in 2017? That was what was known as a Distributed Denial of Service (DDoS) attack. So you can see the potential here is very, very serious.
How to protect smart home devices from cyber-attacks?
There are a number of steps you can take to secure your smart home devices.
1. Secure your WiFi network
You can strengthen the security of your WiFi network by changing the network name, by using WPA2 encryption, by setting a secure password and by keeping the firmware up to date.
- Default WiFi network names give away the make and model of the router, which makes it easier for hackers to identify security flaws. This is why changing the network name will help to secure it.
- WPA2 (Wi-Fi Protected Access 2) is a network security technology used on wireless networks. When enabled with its strongest encryption option, anyone within range of the network might be able to view the traffic, but it will be encrypted so that any passwords or financial information won’t be readable.
- Password wise, it’s vital to follow best practice. Machine generated passwords are best according to the Government’s National Cyber Security Centre. These passwords are random and unique and therefore more secure than anything a user will come up with themselves. They also take away the risk of a hacker working out a password using the likes of surnames and dates of birth, as well as some of the more obvious choices. Machine generated passwords may be more difficult to recall, but using them alongside a password manager will remove the memory issue. Here are some of the best password managers for 2020, or you can ask your KP Computer contact for advice.
- Regarding firmware updates, some of the newer routers may have a firmware upgrade button which you can press and that’s everything done for you. Others will need you to go to the manufacturer’s website and download an update.
2. Secure your device
Once you’ve secured your Wi-Fi network, it’s time to turn your attention to the smart device itself.
Again, change the default password to something secure. Next, look at disabling features such as Universal Plug and Play (UPnP). UPnP helps you connect devices to your network quickly, without any need for manual configuration needed. The trouble is, it can also provide an in-road into your network for hackers, allowing them to undertake malicious activities.
Lastly, be sure to keep your device up to date. When you see that a software or firmware update is available, be sure to download and install it. More often than not, these updates include vital patches designed to close security flaws.
3. Switch off the always-on setting
If you use a voice assistant, switching off the always-on setting, or simply hitting ‘mute’, will reduce the security risk. This will make it more of a task to talk to your assistant though, so the best advice is to switch off when you are not at home. If you’re going to be away for a while, unplug the device and secure it in a safe or locked cupboard.
Need help securing your smart home?
If you benefit from some expert help with securing your smart home and setting up your connected devices so they don’t present a host of security flaws, talk to KP Computer. We look forward to being of assistance.