Secure your smart home
Smart homes can pose a security risk if not properly protected.
TECHNOLOGY in the home is getting smarter. These days, you can operate your lighting, kitchen appliances, thermostats and even smoke detectors using apps on a smartphone or tablet – but a networked smart home is open to a range of security threats, just like a PC.
According to Maik Morgenstern from AV-Test, an independent security risk evaluator, there are two main threats. “Firstly, people can get access and then the devices can be remote-controlled or blocked. And secondly, recorded data can also be collected.”
This may pose a problem when it comes to motion detectors or cameras, because criminals would be able to see when someone is home.
One method used by criminals is to hijack smart devices and connect them to a so-called “botnet”. Then they will launch DDoS (Distributed Denial of Service) attacks, prompting the hijacked devices to access a website at the same time and causing its servers to crash.
“If a DDoS attack with a device is carried out on a third-party, the user’s line may be overloaded,” says Morgenstern.
He says it’s likely that laws will be adopted in the future to address the issue. “If that were the case, users could be required to prove that they have made an effort in terms of security.” Alternatively, the manufacturer could be forced to take on this responsibility.
But what can users do now? Aside from security marks used by some manufacturers, it may be difficult for them to tell if a device is safe, says Morgenstern.
However, users can pay attention to certain things during setup. “Definitely set your own passwords – even if that isn’t required,” says Morgenstern.
He also recommends using a separate network for the smart home. “Sometimes, it’s possible to set up a second WiFi network on a router, which you can then use for these devices.”
This way, you can prevent malware spreading from a PC. Of course, you should protect the WiFi network with a safe password you have chosen yourself, he says.
Users should also check their devices regularly. “I would recommend once a month – as well as any time that something seems odd,” says Morgenstern. Users can also find information on the manufacturer’s website.
If a new version of the software doesn’t come out for six months or even a year, that isn’t necessarily cause for panic. “But you should definitely pay attention if there are reports of attacks in the media,” Morgenstern says. — dpa