How secure are smart home devices?

First we accessed the Internet on computers. Then we combined the Internet with our phones. Now, you can get all kinds of Internet-connected devices specifically built to make your home more comfortable, more fun, and more connected. From “smart” coffee pots and thermostats to security systems, more and more household devices are becoming connected to the Internet.

There are obviously a lot of benefits that come with smart home devices—the ability to connect devices to apps and remotely control them—but this increasing connection unsettles some people. They worry about being listened to or tracked, or having their devices hacked and their data stolen. And, as is apparent in the news, these fears are often justified.

Smart home devices can be hacked

Most people take steps to protect their laptops from hackers by installing antivirus software. Some worry about smartphones and tablets being compromised, too. But many don’t realize that any device connected to the internet can be hacked—even your coffee pot.

These devices, especially modems and webcams, were targeted in last year’s massive distributed denial of service (DDoS) attacks from the Mirai botnet. The Mirai malware finds these connected devices and infects them, allowing them all to be centrally controlled. The devices become soldiers of the Mirai army and are used to flood the targeted servers with loads of malicious traffic, effectively shutting down the target and disrupting internet service.

These attacks highlighted some big concerns: while tech companies are churning out smart device after smart device, how much are they doing to make sure the devices are secure? As more devices become connected (the industry known as the “Internet of things”), what’s being done to fix vulnerabilities?

Many devices do not actively protect your data

It’s not just hackers that exploit these devices. Multiple companies have been faulted for using the smart home devices to track users’ data and even sell it without letting users know or asking for permission.

Canadian manufacturer Standard Innovation recently settled a lawsuit for spying on the owners of the company’s “smart” sex toys. The company tracked and sold users’ data and was found to have gaping security holes.

In Germany, sales of “smart” doll My Friend Cayla were blocked after it was found to be recording the voices of children who spoke with it. Those recordings were stored on the manufacturer’s server and are vulnerable to hacking.

Data from the Amazon Echo has even been used in a criminal case. Amazon fought back against requests to access its servers but did release some of the customer’s information to investigators, including purchase history. This raised concerns of the device storing recordings and even recording when the device is inactive.

How to protect your devices

As security of smart home devices struggles to catch up to hackers’ abilities, what can be done in the meantime?

First, you can scan your network using the BullGuard Internet of Things scanner to see if any of your devices show up on Shodan, a search engine for publicly accessible Internet devices. This will let you know if any of your devices are highly vulnerable to attacks.

It also helps to create strong passwords for everything—not just bank accounts. WiFi networks and accounts with apps need strong passwords to prevent easy hacking. You should never use the password that comes as the default with the device, as they are very easy to guess.

You should also think twice before buying Internet-connected devices. Do some research on the manufacturer—what has been their track record for security? Are they committed to delivering a secure product? Of course, this is difficult for an individual to determine, and even the most proactive companies can be hacked, but it might sway you from purchasing a device from a careless company.

The idea of a fully smart home is exciting. It promises excitement, efficiency, and ease of living. But without the ability to trust smart devices and protect them from attacks, it will be a while until that concept is fully realized. In the meantime, make sure you do your part to keep your smart home devices—and therefore your home—secure.

Jessica Swarner

Author: Jessica Swarner

Jessica is a recent graduate of ASU where she studied political science and journalism. She is currently a researcher at a local cybersecurity company. Her hobbies include reading up on hacker forums on Tor and giving unsolicited podcast recommendations.

Share This Post On

Submit a Comment

Your email address will not be published. Required fields are marked *

Share This