Due to misconfigured devices or insufficient smart home network security procedures, consumers who install smart home gadgets such as baby monitors, Ring doorbells, or surveillance systems are rapidly becoming targets for hackers.
A Chicago family was recently hacked into their Google Nest home cameras and thermostat by a hacker.
Arjun and Jessica Sud utilize a baby monitor to keep an eye on their 7-month-room old's on a regular basis. According to the Chicago Tribune, “they heard something terrifying through the monitor last month: a deep male voice was speaking to their child.” [1]
“The couple gathered their now fully awake son and went downstairs. They realized that their Nest thermostat, which was normally set to 72 degrees, had been pushed up to 90 degrees. The voice then returned, this time through the speaker of a downstairs surveillance camera. It was speaking to them this time.”
As more people in the United States install internet-connected smart home devices that can be controlled and monitored via a smartphone app, hackers are exploiting security flaws to breach into home networks and snoop on homeowners or use compromised devices for cybercrime.
Following recent cyber-attacks on customers, corporations such as Amazon and Google have made smart home device security a major focus, pushing users to take home network and device security seriously to prevent becoming cyber-attack victims.
The Security of the Internet of Things in the New Era
Any smart gadget connected to the internet and a private home network that is not necessarily a server or personal computer, known as the “Internet of Things” or IoT, represents a new route for hackers to attack consumers in their own homes. Connected cars, smart house doorbells, and video surveillance systems are just a few examples of IoT gadgets, which also include speakers, watches, wearables, and even microwave ovens and refrigerators.
Hackers can infiltrate even the most secure devices, such as SmartTVs. According to a Consumer Reports study, Samsung and LG televisions may be capturing their owners' private chats. [2]
“Beyond the potential that your TV maker and app developers may be listening and watching you, that television can also be a backdoor for hackers to enter into your home,” the FBI recently warned regarding SmartTV hacking. Although a malicious cyber actor may not be able to directly access your locked-down computer, it's feasible that your insecure TV will provide an easy backdoor through your router.”
According to the FBI, hackers can use insecure TVs to change channels, alter volume, broadcast unsuitable films to children, or turn on your bedroom TV's camera and microphone and cyberstalk you silently. [3]
Google will soon require Nest customers to utilize two-factor authentication for smart home devices in response to escalating IoT cyber threats.
“We're continually looking for new methods to protect your privacy and security while providing you control over how easy it is to access your account and what you post. After all, gadgets like cameras and smoke alarms are critical in an emergency,” argues Cory Scott, Google Nest's Head of Security and Privacy. “However, adding an extra layer of security to your home gadgets provides you more control over them in the long run by ensuring that only trustworthy people and devices may use them.” [4]
Google Nest monitors IoT security in addition to two-factor authentication by checking for passwords that may have been exposed in previously-known external credential breaches, resetting accounts when suspicious activity is detected, requiring automatic updates, not allowing default or easy-to-guess device passwords, and verifying booting to prevent devices from running malicious code.
Safety Tips for Smart Homes and IoT
Consider the following tips to guard against IoT hackers in addition to following smart home device security requirements and manufacturer recommendations: [5]
Check all installed IoT devices' privacy and password settings.
Change default passwords to sentences and use non-identifiable logins, unique passwords, and multi-factor authentication.
Limit the use and location of always-on gadgets to avoid being continually monitored, as many devices are activated by motion, voice, or other triggers.
To prevent attacks based on known vulnerabilities, update software on all devices.
This will prevent hackers from attempting to access devices that have not had updates installed.
Separate your electronic devices.
To prevent hackers from utilizing a hacked device for network access, set up a specialized IoT network or a specific IoT only wireless network at home.
Keep an eye on your gadgets.
On all tablets and laptops, install next-generation antivirus software, and set up a firewall between your home router and your devices.
“Safe rooms” should be created.
Keep smart home technology out of the areas of your home where you want them to be the safest, including bedrooms and bathrooms.
IoT Security's Business Consequences
Businesses, like consumers, must be attentive and incorporate IoT into their cybersecurity plans.
Security must be a “primary priority in whatever IoT investment you make, from your doorbell to your manufacturing technology,” according to Charl van der Walt, head of security research at Orange Cyberdefense. Any compromise you make today will inevitably come back to haunt you later.”
“As more connected devices enter an organization, IT managers and decision-makers must take responsibility for enforcing appropriate segmentation, access control, and patch management protocols, as well as implementing complete, continuous visibility into their entire network infrastructure,” van der Walt says. [6]
In addition to implementing best IoT security practices, businesses should use increased device visibility and analytics to detect cyber-attacks and compromises, and then make IoT a critical component of their entire cyber security strategy.
[1] chicagotribune.com
[2] consumerreports.org
[3] fbi.gov
[4] blog.google
[5] cnbc.com
[6] information-age.com
