How to keep your smart home and personal data safe
Be smart about your connected home.
There have been some disturbing stories in the news lately about hackers accessing Ring cameras in homes and watching, and even talking to, children. How is this happening and how can you prevent a similar invasion of your home and family’s privacy?
You may have seen this chilling video:
This is not the only incidence of someone hacking into a Ring or Nest camera. YouTube is filled with similar stories.
How are hackers gaining access?
The connected IoT devices in your home do not have the same strong cybersecurity protocols of smartphones and computers and owners too often use the same easy-to-remember (and somewhat predictable) access passwords and usernames to control all of them. This not only makes your home more vulnerable to attack, but because the devices are connected to the internet, they can also serve as gateways into your phone and computer if on the same network.
Here’s an example of how a hacker can gain access to your home:
- A hacker targets your router because it has little or no built-in security and you haven’t changed the default passwords.
- Through your router he accesses data on your smart thermostat.
- He then downloads ransomware and demands payment for the thermostat to work again.
- At the same time, he breaches your Amazon Echo or Google Home and learns your other passwords or financial information.
Once this floodgate of personal banking and identity information opens, it can be a real struggle to repair ruined finances and peace-of-mind. More than 9 million Americans are victims of identity theft each year.¹ So now you may be thinking that your smart devices are more of a headache than convenience. Not so if you follow these guidelines.
How can I prevent a cyber invasion of my home?
- Limit the number of smart devices to those you really need. This may mean you no longer use your smart refrigerator to monitor your shopping list, but you can still use your camera to monitor the baby’s room.
- Consider your Wi-Fi router the “front door” to your smart home. Give it a unique name that is not associated with you or your street address.
- Use the strongest encryption option on your modem – usually WPA2. WPA and WEP are more vulnerable.
- Change all of your easy-to-exploit default passwords to a strong and unique password for each IoT device. Apps like Dashlane ($60) and Keeper Password Manager ($30) are two that can work across all of your devices so you don’t have to memorize each hieroglyphic password.
- Use the guest network for connected home gadgets that you want separate from your personal network (for your computer, phone, and printer). This way, a compromised dryer or thermostat won’t allow a hacker to move on to your financial information.
- Utilize multi-factor authentication. Passwords alone are not a sufficient barrier. Wherever two-factor authentication is available, such as a thumbprint on an iPad a texted code for email, or a security question for a banking account, use it. This way, even if a hacker gets your password, he would have another layer of protection to breach.
- Keep your devices updated. This is a simple and crucial step. Manufacturers are continually testing their devices to find vulnerabilities as well as programming errors. As you have malware-detection for your computer, these device updates often include fixes for security issues.
- Antivirus and antimalware software on your computers and phone can help protect you against many outside threats, as well as any brought into your home by other family members and your guests.
- Disable remote access to any devices where it is not needed.
- Audit the devices already on your network. Is there a newer and more secure version available? It may be time to upgrade.
- Do not use public Wi-Fi networks to manage your devices.
- Check to see if a power outage can result in a vulnerable state for your devices.
- Disable UPnP ² on your router via its web interface. Tens of millions of consumer routers respond to UPnP requests from the Internet, allowing attackers to remotely configure your router.
The market for Internet of Things devices will hit $7.1 trillion by 2020, according to International Data Corp. The selection of devices is only going to get larger and more specific to users’ needs. They are wonderful resources for an easier way of life if users remain mindful of the risks. You wouldn’t leave a door to your home unlocked – don’t leave your devices and appliances open to hackers either.
¹ Federal Trade Commission estimate
² Universal Plug and Play (UPnP) is a set of networking protocols that permits networked devices, such as personal computers, printers, Internet gateways, Wi-Fi access points, and mobile devices to seamlessly discover each other’s presence on the network and establish functional network services for data sharing, communications, and entertainment. UPnP is intended primarily for residential networks without enterprise-class devices.