The Internet of Things (IoT) is slowly taking over consumer markets in every category, from coffee makers to fitness trackers. Yet while smart automation might seem like the ideal for consumer convenience, when it comes to home security systems, connecting to the Internet can lead to increased vulnerability.
The home automation market was worth $78.27 billion by 2022 CAGR of 12.64% between 2016 and 2022 according to marketsandmarkets.com; there’s been an explosion in products that promise to make our homes “smarter.” The best known is Nest, a thermostat that monitors inhabitants’ activity, learns their schedules and temperature preferences and heats or cools the house as it deems appropriate. Many of these products have smartphone apps and Web portals that let users operate devices, cameras, and locks from afar. Getting to live the Jetsons’ lifestyle has downsides though; as we bring the things in our homes onto the Internet, we run into the same kind of security concerns we have for any connected device: they could get hacked.
What if that IP-enabled door lock or garage door opener could be hacked by someone outside your home and made to open on its own? Breaking and entering just got a lot easier. Or, what if a HVAC system could be hijacked and remotely disabled or forced to operate in ways that would damage the system or even cause a fire or electrical short in the home? With control over vital systems that we all rely on, home automation systems would need to be very secure, right?
Dangers of a smart home only arise when they’re connect to a single portal or application. Hijacking smart homes is not a major concern as of writing this post, but in the near future it may present a serious problem. Default passwords on appliances are easily broken when a hacker has access to everything through a connected portal.
Protecting yourself from attacks is fairly easy if you’re aware you can be attacked. The simplest way to protect yourself is by using complicated alpha-numerical stringed passwords on all your connected devices. For example instead of “password123” use a scramble of letters and numbers like R2d5jK25JS1s90. The second layer of defence is to remove your devices from your primary wi-fi. Simply, only allow your connected home devices access to a “guest” network on your wi-fi that uses a different password. Do not use the same wi-fi as your home computers. Commonly an infected home computer will be the gateway to access the rest of your homes connected devices. The final layer of protection is to routinely check for security updates on all of your devices. If a device does not offer security updates it may be advisable to remove and replace it with a product that does.
Routers more than a few years old should be replaced. And don’t use the router provided by your Internet provider, as they are notorious for having security flaws.
Turn on your router’s encryption — WPA2 is a trusted standard in most router settings. If any of your devices signal that it’s time for a software update, do not delay. Install the updated software immediately in case any security vulnerabilities were patched.
We hope this has shed some light on the growing issue of smart home hijacking.
Check back soon for more insightful posts from HDMI Designs.