People often worry about protecting their computers, smartphones and tablets from hackers and malware. But what about your SmartHome devices? They can be just as susceptible as any other device on your network, even if they aren’t.
Why would hackers use Smarthome devices?
For some SmartHome devices, such as smart locks and Wi-Fi cameras, it’s understandable why they would be great targets for hackers. Breaking your smart lock would allow someone to break into your home without breaking into it. Hacking the camera would allow them to see if anyone is home by looking at your video feed.
With other smart home devices like smart plugs or smart thermostats, you might think that a hacker doesn’t care. After all, who cares if a hacker turns the lights on and off? But in fact theoretically can a lot to do with these devices.
For example, if someone was able to gain temporary access to the same Wi-Fi network that one of your smart plugs is connected to (either through unsecured network access or some clever social engineering), they could then get remote access to the plug, and therefore your network (perhaps using an SSH reverse connection), allowing them to do what they want from now on.
There are many ways that hackers can get in their way, but again, this is just an example of what is theoretically maybe happen. We haven’t found any significant reports of real smart home users being hacked and causing significant damage to their end users, but there is a much more real threat: botnets.
RELATED:What are denial of service and DDoS attacks?
An unprotected device can be hijacked by malware and used to participate in DDoS attacks. Thus, while SmartHome devices cannot be hacked to inflict to you damage, they can be used to harm other users. Thus, you must protect yourself from this for the improvement of the entire Internet. This is not a theoretical threat: there have been many cases where this actually happened.
Many security researchers have found ways to hack various SmartHome devices, including products from popular brands such as SmartThings, Insteon, Philips Hue, and Ring. Luckily, these companies have already released new firmware to fix these holes, but it’s a little hard to imagine how easy it was to hack these devices with the right know-how. Plus, you never know what security holes still exist on these devices that are yet to be discovered.
What can you do to stay safe
Unfortunately, most SmartHome devices are designed to be easy to use and lack a ton of security features. However, you can start by looking to see if any of your SmartHome products are easily accessible from the internet, which opens them up to attackers.
The easiest way to check this is to use the Internet of Things Scanner, which scans your network to see if any of your devices are on Shodan. Shodan is a search engine for public internet devices. You can find things like security cameras, printers, routers, and other devices—just about anything connected to the Internet.
RELATED:How to choose a network security camera for your home
Unfortunately, beyond that, there’s very little you can do to fully protect yourself right now — mostly product companies provide a secure interface.
However, big companies like Nest, Philips, and Amazon are top brands that maintain a reputation, so it’s to your advantage to spend time and money protecting your SmartHome devices. This doesn’t necessarily mean the security is top notch as mentioned above, but it’s certainly much better than a cheap Chinese security camera that was hacked a minute and a half after it was installed.
Therefore, if you are going to use smarthome devices, purchase them from reputable brands and make sure to install security updates as soon as they are released. Your SmartHome devices are updated periodically and these updates mostly consist of bug fixes or new features, but sometimes they may contain critical security fixes that you’ll want to implement as soon as possible.
CONNECTED:Wi-Fi Security: Should You Use WPA2-AES, WPA2-TKIP, or Both?
Also, be careful about which devices have access to your network and make sure you have a secure password set on your Wi-Fi network. Chances are you’ll only give your password to your friends and family, but that repairman you gave your Wi-Fi password to seems pretty innocent, right? Probably no.
For very serious users: create a second network
If you want to take drastic action, you can do what many smart home fans do: put all your smarthome devices on a separate, separate network that isn’t connected to the internet, and connect the main network specifically. for common devices such as computers and tablets that can access the Internet. You just need a second router to broadcast your own network, and avoid connecting it to your modem
This has some big disadvantages, however:
You will need to switch Wi-Fi networks on your phone when you want to control one of these devices. It’s a lot of hassle, so it’s a really good option for those who automate everything or use Z-Wave switches to control all their devices.
Some SmartHome devices needed Internet access to work properly, so they won’t work here. Devices like the Nest Thermostat, Philips Hue, and most smart plugs will work fine, but others like the Amazon Echo or Nest Cam won’t work at all without an internet connection.
If your devices are not connected to the Internet, you won’t be able to use their remote access features — so you won’t be able to control your smart homes while away from home.
You can see why most people don’t do this — it greatly reduces the usability of your devices. But, if you mainly manage your devices with automation and physical smart switches, this might be a good option. But for most people it won’t fly. In this case, the best thing you can do is make sure you buy SmartHome products from reputable companies that release updates regularly and make security a priority.
RELATED:What are SmartHome «ZigBee» and «Z-Wave» products?