The possibilities of an intelligent home are often idealized, presented as a home paradise - the fridge itself orders the missing food, the vacuum cleaner drives from room to room, and changing the thermostat is as easy as downloading an application on the phone. However, underneath this seemingly always accessible interior and its seamlessly connected components, there are serious privacy and cyber security concerns, according to Check Point experts.
These concerns were presented in a very dramatic way in the second season of the series on modern cyber technologies "Mr. Robot". In one episode of an intelligent home, the TV and stereo tower switch on and off at random, the water temperature in the shower suddenly changes from boiling water to icy water, and the air conditioning switches to Arctic temperature. Someone hacked the intelligent house, forcing the owner to move out. Could this scenario happen in real life, or is it just a fantasy of a Hollywood scriptwriter? How close to reality?
Too close to feel safe
In 2013, Forbes reporters described how they managed to gain remote control over an intelligent home, which allowed them to manipulate lights and water services. Researchers from the University of Michigan revealed errors in Samsung's SmartThings platform, which allowed them to run smoke alarms and open the door. Check Point's research team found loopholes in TV equipment that would allow hackers to access and control other home networks connected to the device.
The emergence of "digital assistant" devices such as Amazon Echo and Google Home represents a new challenge for the security of a cyber-intelligent home. 35 million Americans use a voice activated digital assistant at least once a month - and these devices, with their microphones on continuously and access to very personal data, are an attractive target for cybercriminals.
Check Point recently discovered a gap in the LG Smart ThinQ platform that could allow hackers to take control of a variety of household appliances, from ovens and fridges to vacuum cleaners.
Safety in particular
In many cases, smart home appliances and platforms are designed primarily for connectivity and user-friendliness, and security is a secondary issue.
According to Checkpoint experts, many devices have limited CPU and memory capacity, making it difficult to protect them. When a vulnerability is detected, the patch that will be released by the manufacturer is unlikely to be automatically transferred to the device and updated... leaving the device open for a potential attack.
Even if the device has built-in security features, it is often the user's responsibility to implement these features. Whether it's configuring data encryption, changing passwords or downloading the latest software version. However, it is already known that the majority of users do not take cyber-security seriously enough: a recent study has shown that more than 50% of companies using smart devices do not change their default passwords once they have purchased them.
- If there is something we've learned in the cyber security industry for more than 20 years, it's the fact that whenever a new computer device starts up... someone somewhere will find a way to break into it. - says Oded Vananu, Head of Product Vulnerability Research at Check Point Software Technologies.
Be smarter than your smart home
The good news is that there are practical measures that we can (and should) implement to better protect smart devices and networks at home from hackers and digital intrusion attempts.
Here are five tips:
1. secure your wireless network
- Make sure that your wireless network is protected with WPA2 and that you are using a strong, complex password.
- Give the network a unique name. Don't reveal your name or use your phone number as a username or password - it can be very easy to detect and hack.
- Limit the devices that can access your network and never make them available to the public.
Create two separate Wi-Fi networks
- Use a single network for computers, tablets and smartphones that should be used for secure online banking and shopping. The second network should be dedicated to smart devices. Such a procedure will allow for better protection of your data.
3. take care of the power of passwords
- Make sure that the first thing you do when buying a smart home appliance is to change the default password immediately.
- Change each password to make it more complex and make sure it is different from the rest of the passwords you use.
- It is also recommended to change the user name of the devices.
4. use a firewall to protect your home network
- The firewall allows you to control and limit incoming calls.
- Intelligent devices contain detailed information about ports, network protocols and IP address. The activation of a personal firewall will block unwanted traffic at certain ports, ensuring greater safety.
5. regularly update programs and firmware
- Check the manufacturer's website for software updates. If so, use them. Having the current version of the software will reduce the probability of attack, which is based on the old exploit.