Cybersecurity: ‘Smart’ devices can be dodgy, says Ciaran McCauley
Let’s take a closer look at some common ‘smart’ domestic devices, how they could be putting you in danger and we’ll review some simple steps you can take to increase your cyber security at home.
The advance of technology has seen an exponential growth in recent years of devices connected to the Internet, commonly referred to as the Internet of Things (IoT).
The rise of technology has seen the home become ever more ‘connected;’ in 2018 there were an average of eight connected devices per household and this is expected to surpass 12 devices by 2022. We have seen an explosion of ‘Smart’ devices including phones, TVs, refrigerators, ovens and utility meters.
With this comes increased concern around privacy and security. All of these devices collect and process data. Can you trust who is collecting this data? What they are doing with it and how they are protecting it from getting into the wrong hands?
Protecting these devices from hackers is hugely important as access to one can give them entry to your entire network and with that your personal and financial details.
Unfortunately, many of these products were not built with security in mind with research showing that a range of these devices can be compromised in less than 20 minutes.
That said, we should not be afraid of having this technology in our home; connected devices have brought with them huge benefits and an improved quality of life for many.
We should, however, become more vigilant of what products we use and how we are using them to ensure we stay secure and continue to enjoy the convenience of our connected homes. You wouldn’t leave your front door open for intruders to enter – we need to take the same attitude when it comes to our technology.
Let’s look at some popular household connected devices and the dangers surrounding them: Smart Meters can send information directly to your utility provider without needing to get the meter read and can help customers reduce how much they are spending on electric by letting them monitor exactly how they are expending energy.
A lot of these meters have little to no security built into them and believe it or not can be a burglar’s best friend. If the data gathered by the meter is accessed by a malicious individual, it can provide a picture of when the home will be unoccupied.
The same issue can arise from the use of smart lighting and fitness devices such as FitBit which can show a pattern of when an individual is away from their home.
Home assistant technology such as Google Home or Amazon Alexa is usually given full access to the user’s bank details to allow online purchases by voice command. As convenient as this sounds a housemate or child could make unapproved purchases leaving you to pick up the bill! Worse than this, if you are hacked, you could be the victim of identity fraud.
Baby Monitors now quite often have a webcam which allows parents to keep an eye on their child from their phone. There have been multiple chilling incidents in recent years of these cameras being hijacked allowing a hacker to control the camera.
This would be any parent’s worst nightmare. Recent research has found that up to 80% of baby monitors with webcams have extremely poor security. HomeKit, a smart home control system from Apple contained a software bug in 2017 which if exploited would have enabled doors and garages to be opened remotely, potentially allowing a burglar in without having to physically force entry.
Samsung Smart TVs were last year in the news as a vulnerability was discovered which meant attackers were able to remotely control a user’s TV with reports of volume being set to excessive levels, constant channel hopping, and malicious content being streamed on the TV.
Tips for securing your Smart Home
* Change default passwords. The importance of this can’t be stressed enough, especially your Wi-Fi password which is the first line of defence. Manufacturer’s default passwords can easily be found online so by not changing it you are giving the hacker a free pass. Consider changing your router name to something unusual to put hackers off the scent.
* Install updates. Most people are guilty of ignoring updates when prompted to install at some stage. These updates often fix vulnerabilities that could be leaving you susceptible to an attack. Just last week WhatsApp were in the news as the public were urged to install the latest release which contained a fix for a vulnerability which allowed Israeli Spyware to be injected. This spyware allowed attackers to enable microphones, read messages and view photos.
* Use High-street brands. Although they may cost more, well-known brand names are more likely to take security seriously due to the fear of reputational damage. Perform a quick search on a brand you are unfamiliar with to ensure they have a strong online presence and multiple good user reviews. If they have not invested in an online presence they probably haven’t invested in security.
* Check Location Settings. Know which applications you have enabled location services for and turn if you can. Many apps will ask you to enable location services even if it doesn’t enhance your experience so be wary of who you share this data with.