If you are checking out Home Automation systems, then you have a number of choices. They all promote the benefits of home automation, such as Control, Comfort and Convenience. It all sounds very inviting. What they do not mention, however, is that such systems have a certain vulnerability.
The Achilles Heel of Smart Tech Devices
As PCmag suggests a complete Smart Home Security system in 2018 will offer the following:
A smart home security system connects to your home Wi-Fi network so you can monitor and control your security devices using your smartphone and an app. Entry-level systems typically include some door and window sensors, a motion detector, and a hub that communicates with these devices using one or more wireless protocols such as Wi-Fi, Z-Wave, Zigbee, or a proprietary mesh network. You can add extra door, motion, and window sensors to provide coverage for your entire house and build a comprehensive system that includes door locks, garage door openers, indoor and outdoor surveillance cameras, lights, sirens, smoke/CO detectors, water sensors, and more.
The Achilles Heel in all that is the connection to the Internet that hackers might use to access your system if it’s not secured properly. This is not a theoretical discussion, many people are being affected. A recent report by Norton states that consumers affected by cyber-crime last year were largely adopters of smart home interfaces and emerging security features. The report revealed that 10 million Canadians spent $1.8 billion dealing with the aftermath of being hacked in 2017, and the average cost per consumer totaled $69.
We are all much more careful nowadays about identity theft. We will often shred any documents that might go into the public garbage. With the radio frequency space, you should avoid that old quotation, “Out of sight, out of mind”. Thankfully with the right measures, it is possible to ensure that the effort needed to hack into your system is not worthwhile.
Barriers to Smart Tech Devices Hacking
Perhaps the most worrying possibility for your Smart Home Automation system is that someone could hack into your system and take control. That might mean they can enter your home whenever they wish or even take over your smart locks and bar you from entering. Or if they connect to your video cameras and watch you and your family, you might not even be aware that your privacy is compromised.
The core of the problem is that every one of your smart devices, however small, can receive signals from others and can in turn reroute them within its network. As a Forbes article points out, there is a lack of awareness about this among consumers and there is no consensus about security standards among the industry players.
When the average consumer buys a smart device, they will find there is very little emphasis on protecting and securing the device and its network in the user manual. In consequence many consumers do not even change the default username, its password and the wireless key of the connected device.
Safeguards against Smart Tech Cyber Attacks
The Forbes article mentioned earlier lists a number of steps to guard the security of your home automation system. Here are some of the more important ones:
- Use secured protocols like WAP2. Use the most secured protocol supported by your devices. It should be now WAP2 or WAP3 if available.
- Set good passwords. Always set strong passwords and avoid using the same password for multiple devices or accounts. Handling this properly is very challenging unless you use tools like Password Manager. A post dedicated to this topic will follow soon.
- Have two-step authentication. This is offered by many service providers and is recommended when available. After entering the password you need to enter additional code that is sent to you via text or email. So even if your password has been stolen it is useless unless there is access to your text or email. Obviously if you use email and your email has the same password this is useless.
- Always change the default username and password of each device. This includes everything from the WiFi Router to the Smart Home Hub and any other device protected by password. While this sounds pretty obvious, it is hard to believe how many don’t do it, not only consumers that are not techie but also IT departments in corporations as is often found when investigating cyber attacks.
- If your WiFi router supports it, create a separate wireless network (aka guest network) with a secure password. Connect your PCs, printers, and NAS to the primary network while moving your IoT appliances to the guest network. This creates an isolation between your primary network and secondary network making it a bit more difficult for hackers to break into your home network. This however might introduce some inconvenience when a mobile device might need to be switched between the two networks for different activities.
- Disable SSID broadcast and then implement MAC address filtering on your WiFi network to make it a little bit harder to discover your network.
- Frequently check for firmware upgrades of your connected devices. This will ensure that you have the latest updates that patch known vulnerabilities and security flaws. You might assume that smart devices would warn you when updates are available. This is not always the case.
We need to be clear here – there is no 100% protection. Any system can be hacked if the right effort, knowledge, and time is applied. It’s just a matter of having a good enough reason to make it worth the effort. For the vast majority of people, implementing even just some of these steps will make it not worth the effort of trying to hack their system.
So how much time you spend and what effort you invest on security protection will depend on how vulnerable you believe you are to attack. Nevertheless it is advisable to do at least the some of the steps mentioned above. If you are uncertain, it is better to involve a professional than only later finding an attacker has been successful.
We’re aware that for most people these steps mentioned above may seem like mumbo-jumbo. Even for others that are more tech savvy, who understand what the terms mean, and may even be able to execute them, it’s not easy. This is especially so when it comes to doing them consistently over time. Just think how often you check for firmware upgrades of your connected devices.
We’d like to hear from you how you feel about this whole topic. How vulnerable do you feel? What help would make you feel safer, if available either as a product or a service. Please add your comments to this post or write directly to us if you need information or can suggest solutions.
Leave a Reply