March 1, 2019

Alexa, tell Smart Remote to turn on my TV.

Digital assistants have entered our homes and are about to run our lives as well as switch our lights on. Juniper Research has predicted that by 2023, 8 billion voice assistants will be in use – this includes Siri. They also expect the use of smart TV’s to increase by 121% over the next few years.

Our homes are becoming hubs that collect, collate, share, and push our personal data into Cloud storage. In a poll by YouGov, they found that 23% of Brits had one or more smart devices in their home (excluding smart meters).

As our homes become ever smarter, we too need to smarten up our security act. These smart devices are based on connecting up across wireless networks out to other devices and ultimately the Internet. We must take precautions to ensure that our home remains our castle.

Let’s look at some basic security measures we can use to keep security in our home, smart.


5 Tips to Secure Your Smart Home

The YouGov survey mentioned above found that 38% of smart device owners were worried about a cyber-attack. Using our tips below, you can help prevent a cyber-attack on your smart home:


Tip 1 – Do your homework

Like any product you buy, you should spend some time researching the right one for you. However, this research should extend to the security aspects of the device and how seriously the manufacturer takes security; some manufacturers have been hauled over the coals for less than secure practises. For example, PenTestPartners who regularly scour smart devices for inherent security flaws has plenty of sound advice to give. In a recent post on smart home cameras, they called out some well-known names for security and privacy issues: Issues like smart home cameras allowing unauthorised access to camera feeds.

Before you buy, make sure the device manufacturer has robust security and privacy policies in place. Do they abide by data protection regulations? Do they take your data privacy seriously and comply with privacy regulations like the GDPR?

Also, check if the manufacturer performs regular updates to the firmware on the device – standards for firmware updates are being developed to ensure that secure update protocols are used.


Tip 2 – Secure your router

Routers are often the first point of call for a cybercriminal. In 2018, half a million consumer routers were infected with the malware VPNFilter. This malicious software can be used to steal login credentials and personal data. It also seems the malware may have been used to create a massive ‘botnet’. Botnets are a way cybercriminals to control a large number of devices which they then use to perform a distributed denial-of-service (DDoS) attack which will bring Internet sites down. We saw a similar thing back in 2016 when malware ‘Mirai’ managed to bring a large part of the Internet on the east coast of the USA down. The Mirai malware infecting hundreds of thousands of consumer routers and smart home cameras.

Some ways to prevent your own router being hijacked or infected is to give your router a unique name – try to avoid obvious ones, like the name of your street. Also, many router infections happen because of easy to guess passwords or publicly available default passwords. The cybercriminals use these to access your router and install malware, which brings us onto tip 3.


Tip 3 – Get rid of default passwords

Many smart home devices are susceptible to hacking because they come pre-programmed with default passwords. Manufacturers do this so they can gain remote access to apply upgrades.  Hopefully, the standards will stop this practice or at least modify it to create a more secure process.

Always change the default password on any smart home device you purchase. Check the installation instruction on how to do this.


Tip 4  – Then use a good replacement password

When you change the default password, replace it with a robust one. Defence Works recommends using a password made up of 4 random words. If you can visualise these 4 words, all the better to help remember it.

If it is available, use a second factor to create a more secure login process.

Make sure you protect any mobile apps associated with a smart home device in the same way.


Tip 5 – Use a guest network

Setup your home Wi-Fi to give your guests their own login. Most modern routers offer this facility, it’s usually called something like “Guest Zone” or similar. Once set up, you can give your guests the name of the Wi-Fi and the password. You can isolate any devices, like a smart device, from that network. This will prevent any ‘accidental insider threats’.


And one for good luck – Updates

If allowed, always update your smart devices when a patch comes out. This extends to updating any mobile apps associated with the device too. Updating software (and firmware) helps prevent cybercriminals from taking advantage of vulnerabilities which can be used to infect the device with malware.


Your Smart Home is Your Castle

Smart devices are complex technology, that, in the wrong hands can be used to steal data and even take down Internet sites. As these devices become ubiquitous in our homes, they open up more ways for cybercriminals to carry out malicious activity. We wouldn’t hand over the keys to our home to someone we don’t trust, so why give them keys to our home-based devices?  Taking some basic steps, like setting up robust passwords and buying devices from reputable manufacturers, goes a long way to securing our homes.

Looking to raise awareness of cyber-security matters that directly affect your employees?  Help your employees stay safe in the fight against cyber-crime – sign up for a free security awareness training demo, today.  We help employees address the risks both at work but, crucially, in their home life too.

Share this: