Smart homes prime targets for hackers
THE coronavirus pandemic has exposed security flaws in smart home technology from light bulbs to fridges, door locks and washing machines that pose serious privacy risks for Australians.
Researchers have unearthed technical problems in “hundreds of millions of devices” in recent weeks, leaving homes open to attacks, as well as critical problems with the Wi-Fi routers that connect them to the internet.
And security professionals say homeowners are failing to take basic precautions when installing smart devices — akin to “giving hackers a door into your house” at a time of heightened security fears.
Among the new threats, Israeli security agency JSOF found 19 networking problems dubbed Ripple20 affecting “millions” of products including those from HP, Samsung, Phillips and Intel, and cyber security firm ESET discovered vulnerabilities in three smart home hubs, including a model from Fibaro sold in Australia.
Video from unsecured Australian security cameras also showed up on a Russia-based website last month, and it followed security problems in an iBaby monitor, smart garage door platform, connected light bulbs, a video doorbell, and keyless locks. McAfee cyber security spokeswoman Alex
Merton-McCann said with many people now working from home, in lockdown the threat of cyber attacks from well-resourced, foreign actors was growing.
“I hope the big cyber attacks happening in Australia at the moment will provide everyone with a bit of a wake-up call about what they need to do in their own patch,” she said.
“We need to realise if we are going to have connected devices, we need to be proactive (with security) and take this stuff seriously because it can have catastrophic effects.”
Home technology consultant Paul Skelton said he had already heard a growing number of “horror stories” with consumers buying do-ityourself smart home gear, failing to change default settings or set new passwords, and learning about security risks the hard way.
Bitdefender senior e-threat analyst Liviu Arsene said the company recently witnessed successful attacks on Wi-Fi routers that had changed users’ settings and redirected legitimate web addresses to sites with malware pretending to be from the World Health Organisation.
Despite the risks, research firm Telsyte estimates Australian households will have more than 30 devices connected to the internet by 2022, driven by connected lights, cameras, plugs, “and other smart appliances such as speakers”.