Smart Homes and Tech Need Securing: Here's How

We live in an amazing time. When you think about all of our technological advancements in the last 10 years, it’s hard to imagine life without some of the devices we’ve come to rely on most. Smartphones and people, for example, have both figuratively and literally become attached at the hip (remember when these were cool? Me neither).

It’s not just smartphones anymore though. We’ve entered the age of wearables, wireless, and other wondrous, whimsical wares; a world filled with connected smart refrigerators, smart homes, smart cars--”smart” everything, it feels like. This unique combination of big data, automation, and the “Internet of Things” hearkens the dawn of an exciting era, packed to the brim with possibilities. Unfortunately for most, it also means untold danger in foreign and exotic territory.

In October of 2016, cyber attackers hijacked tens of millions of personal internet-connected devices such as IP cameras, printers, and even baby monitors to create a botnet, and perpetrate the biggest DDoS attack on record, according to experts.

In layman’s terms, what this means is that a group of baddies took control of people’s household devices, the things that make your smart home a “smart” home, and used them to shut off the internet for everybody.

These connected devices are what make up this “Internet of Things” (IoT for short), and according to WIRED magazine contribute to an ecosystem that is wildly insecure. So how do you protect yourself and your home when everything in it, and even it, the home itself, is connected to the wildly insecure IoT?

The New Reality of Home Ownership in a Connected World

Despite any misgivings, there are advantages to going the smart home route instead of sticking with an unconnected traditional home. When it works, it works, and the ability to control and curtail energy output, for example, is going to be essential in the future for curbing greenhouse gases and wasteful energy, and reducing one’s individual carbon footprint. Indeed, I wouldn’t be surprised to see tax breaks for smart home applications in the future (though I doubt it will be as high as the 30% federal tax credit you see on solar panel products and the like).

On top of that, when functioning properly, smart homes do offer an added layer of security. The NEST system, one of the most popular smarthome appliances encompassing thermostat, smoke/CO detection, and security camera functions, has close to a million customers and rising. The camera system itself has been criticized for being somewhat expensive, however, considering that the Dyn DDoS attack last October was achieved through poorly secured security cameras (say that five times fast) from Xiongmai, the extra buck is worth it.

That’s the first lesson that smarthome owners need to learn: you don’t necessarily have to buy the most expensive products, but you will not be safe if you’re buying the cheap stuff. This is because a lot of the lower-end products don’t always prompt--or even allow--for multi factor authentication or even dynamic credentials.

Technical Tips for Keeping Your Castle Secure

Beyond making sure that you’re purchasing hardware that isn’t so cheap you can’t even change its password, here are the main points you should observe when keeping your smart home safe and secure:

• Firstly, realize that since the “smart market” is young, smart home security measures depend largely on you, the end-user. Arun Ganesan, writing for inman.com, notes that because the Internet of Things (IoT) is still so new that manufacturers haven’t, in all cases, been able to keep up with malicious entities like hackers and all of the ways that they might exploit the IoT. It’s important, then, that you take the initiative to make sure you’re deploying security measures.
• Chief among these security measures is a solid password strategy. There are plenty of ways to create a secure password that is actually easy to remember and hard for hackers to guess, but we often do it the other way around. One of the best comics about this is found at xkcd. The point to remember is this, though: your password is your first line of defense in keeping your home secure. Don’t skimp on it, and make sure it’s strong.
• After changing your password, change your device ID name too. Digital Trends recommends that if your device is visible on an open network, that changing the ID can deter hackers who don’t know the brand or manufacturer of your device. Default device IDs usually contain information that tips hackers off to these--so change the device ID as soon as you can.
• Use malware protection on computers and phones, and use them on a different network. MarketWatch mentions that, while not perfect, it’s still better to hedge your bets with third party malware protection than to stay unprotected completely. Since computers and other mobile devices are likely vectors for infection it also makes sense to either purchase a separate internet connection or to create a virtual local area network (VLAN) so that infections can’ jump from one network to another
• Lastly, educate yourself on your devices and keep watch. Make sure you’re checking log histories, keeping updated on firmware and manufacturer news, and generally keeping your eyes peeled for anything suspicious. Never expect everything to run just fine on autopilot--because, while chances are that it will be fine, those are still odds that you don’t want to risk.

Above all, it’s worth it to remember that your smart home should still be treated like a regular home. The same tips that apply to typical homeowners (especially new homeowners) should be observed: make sure you have proper insurance, keep records of everything, and save for unexpected expenses. Just like you never know when you’re going to have to deal with a natural or environmental disaster, you also never know when a cyber-criminal is going to try and virtually vandalize--or worse, hold for ransom--your smart systems.

It pays to be safe when “smart” doesn’t necessarily mean “secure”.