With the improvements of smart home features and products that are flooding the market, one thing that is the most important is security. When you think of security and home automation, you probably think of security cameras, doorbell cameras, and home security vendors, but security does not stop at your door. Security also starts with all the different smart home products that you plug-in and connect to your home wifi. All the different smart home devices that you can use at your home, and connect to with your phone or tablet are also vulnerable to network attacks and even hacking from would be wrongdoers. It is very important that you know to keep the devices that are supposed to keep your home safe, also safe from people that want to take advantage of you. We are going to take a look at exactly how secure different devices are and if it is actually possible to hack a smart home.
Can a smart home be hacked? A smart home can be hacked, and it does not take someone with knowledge of computers very long to do it. When testing the security of smart homes, it only took engineers about 30 minutes to hack their way into a persons home wifi and smart home devices. Smart home devices usually connect to a users home wifi system, and once an attacker gains access to that, is only a few Google searches away from gaining access to all of the devices you have connected to it. Wifi generally has a range of 150 feet indoors and roughly 300 feet outdoors depending on the model of router you have, so anyone sitting out front of your house at night in a car with a laptop can probably reach the signal. Here is a brief list of devices that can be easily hacked:
- Baby Monitors
- Security Cameras
- Doorbell Cameras
- Laptop Cameras
- Other Iot
As you can see, as soon as a person infiltrates your home wifi, they have an open highway to all of your smart home devices and can access the cameras that are installed in your home to protect you. Smart home security is now making its way to the forefront of things to worry about before you upgrade your home to use automation.
Firewalls and Antivirus
The first line of defense is getting all of your computer devices and mobile devices on antivirus. Having a firewall enabled on your router is extremely important for stopping network attacks and will extremely lesson hacks from occurring at your home. No matter what type of operating system you are running like Apple, Microsoft, Linux, and others, you need a good antivirus. For years it was said that Apple could never get a virus, but new research shows that Apple devices can get viruses, and there are lot more out there than we even know about. Make sure that your antivirus and router are set to auto update because new viruses are found every week, and solutions to them are added to your antivirus constantly, so it is recommended that you keep up with it at all times and make sure everything is updated to the latest definitions. Routers can be a bit trickier and you might have to login into it and manually trigger firmware updates, so if you are not handy with a computer, it might be good to pay someone to come out and help you every 6 months or so.
Never use the default settings that come with a device because that is the first thing an attacker will look for. Most people will buy a smart product or wifi router and keep the normal “Admin” or “User” username when setting up your device, but researchers suggest that you ALWAYS change the username AND password on all devices that you get for home automation. The reason for this is because for most products, you can Google “What is the default username and password for XXX” and there will be pages where the default username is Admin, and password is 12345. This is a major no, no, and is easily hacked by even teenagers just wanting to have fun at your expense, so always change the password and username on devices. Even if you have your cable or internet company come out to set up your internet and security system, make them change the username or have them show you how to keep yourself safe.
It is a good idea to keep all of your devices, computers, phones, tablets, and routers on automatic updates at all times. If you do not want to set up automatic updates, then you should plan to check every two or three months for updates on all of your devices. When updates are pushed they almost always include vulnerability updates that keep your devices safe. If hackers are sitting out there trying to find pinholes and ways to get in, manufacturers will keep paying people to close them and keep their users safe from attackers. It is much easier to just set all of your devices upon automatic updates, so that it will go out once a day, or once a week to download and install them so you are always up to date. The one device I would say to not have the auto update is your phone. That you can schedule yourself, and let it be tested before you install it in case there are any issues with the release, all other updates should be fine for other devices.
Public Internet NO NO
NEVER, NEVER, use public wifi to run any device in your home. This is the fastest way an attacker can gain access to your system. A public or open wifi from your neighbor might sound like a good idea because it is free, but it also means anyone with a device or computer can connect to it. Having this level of security removed from your home will open the floodgates for hackers that want to access your smart home. Always encrypt your connection to the internet so there is a barrier of who can and cannot access your wifi, and using someone else’s is not a great idea for home automation and security.
Another level of security you can buy is a VPN or virtual private network that can be added onto your router that will add an extra layer of encryption and security. Basically, all traffic out of your computer will be protected by a private tunnel that is hard to hack. While this is a great idea for anyone that really wants to keep people out of their network traffic, it can be an additional monthly cost starting around $15.00 dollars or more depending on the level of service you get. Having this extra layer of security will ensure that you will be safe from your normal hacker and VPN tunnels are extremely hard to hack.
Another thing that most people do is share passwords between computers, phones, and devices which is a very bad idea. Even though it can be hard to remember usernames and passwords, but it will make a domino effect if one device is hacked. When attackers gain access to a device that is connected to your wifi, the first thing they will try and do is use the same credentials for every device that is connected to your network. Try to name each device a separate username and have a different and unique password for each login. Doing this will have a huge impact on how far a network attack can go, and buy you some time to be notified of an attack to make sure you can stop the domino effect from happening. If you have trouble remembering, you can write your usernames and passwords down on paper and store them someplace safe, or password protect a file that has them on there but make sure to name it something other than “Usernames and Passwords”, so you can have a fighting chance at keeping your security level at its highest.
What Is IOT?
IOT is short for “Internet of things”, and refers to all of the physical devices that connect to the internet that share or collect data in the world. This can be anything from a camera, lightbulb and even thermostats and even smart watches. Anything that is plugged into a network and can push or pull data without the help of a human is in the IOT and can be hacked. IOT is not typically used for things like cell phones, computers or tablets because they normally require human interaction to push and pull data, so they are not included. As wireless networks and other things become cheaper and more available, the list of IOT will grow because manufacturers will start stuffing network data collection into almost anything.