How to keep a smart home secure
It’s well known that when it comes to the Internet, homes are never 100% protected. In the wake of high-profile cyber attacks and data mishandling, many homeowners are unsurprisingly cautious to kit out their home with smart home technology. But are the smart home devices themselves the real open door for attackers?
The short answer is no as most smart home components are worthless to hackers. They are mainly switches, lights and sensors – devices that do not collect or store sensitive data so there wouldn’t be any point to hacking them. The true vulnerability sits with the router as it is the connection to the Internet and the main point of attack for hackers to harvest data. These are a few recommendations that electronics suppliers can make to help customers minimise the threat of cyber attacks.
Use a solid router
Most illegal access to a home network is gained via the routers and base stations for smart home technology. Homeowners must be sure to keep the firmware for these up to date, so any new vulnerabilities are usually quickly reduced by installing updates. Modern routers make it possible to recognise all devices connected to them via the configuration interface. Authorised Internet users can usually access this interface through a web browser via a memorable address, which allows unauthorised third-party devices to be detected quickly.
Protect the WiFi
It's frightening how many insecure wireless networks still exist in homes, with passwords such as “12345” still being used. Criminals can easily gain access to smart lights, heating systems and the entire home system, including connected computers, through these networks.
Our research at reichelt shows that whilst most UK adults are familiar with using router passwords to protect their WiFi, 55% of users are actually putting themselves at risk by never changing their passwords. It also shows that the younger generation of 25-34 years olds are the biggest culprits for poor password management with 64 per cent never changing their password.
Making sure the WiFi is at least encrypted using the WPA2 standard and selecting a password that is at least 16 characters long is paramount to tackling any cyber security threats to the router.
Hide the IP address
Anyone who is on the Internet leaves traces, most notably their IP address. Each IP address is unique, so it is specific to the user’s port or router which can be used to target them directly. A tracker blogger such as the eBlocker Pro protects against this. The small device is connected directly to the router and disguises the IP addresses of all its users. To be more specific, it gives a wrong IP address, so nothing can be found out about the user. Even trackers that read browsing behaviour on the Internet, or unwanted advertising, can be successfully blocked.
Disguising the IP address also makes smart homes safer. Smart home components inevitably send data that allow conclusions to be made about the residents, such as a setting that switches all the lights off when a certain smartphone moves out of the home. Here, the eBlocker can ensure that it is not clear whose home is currently empty.
More anonymity in the cloud
Smart home systems usually work with a cloud, which enables the communication between the building and the corresponding smartphone app. Many systems assume that users create an account first. No cloud is completely secure, and the data stored there may indicate at which time a home is usually unattended. Systems like the Homematic IP stores all data anonymously in its cloud, with no need for a user account so any data sitting there is useless to a hacker.
As more British households begin using smart appliances to control their energy usage and home security, it is incredibly important to get the foundations right and ensure the networks used to control them are protected too.
Article courtesy of Thomas Kruse, Smart Home product manager, reichelt elektronik.