“Smart home” is the term that refers to homes equipped with electronic devices that can be controlled by your phone, computer, or voice. These devices provide a ton of convenience – responding to voice commands or even unlocking the front door as you approach. And, they’re becoming more and more integrated. In fact, Gartner predicts a total of 20.8 billion connected devices in homes by 2020. However, with the increasing number of smart devices in homes, security researchers are also finding new security flaws.
Earlier this month, USA Today reported on a hacker communicating with a man in Arizona through his Nest security camera, warning him about vulnerabilities in his device.
And, just this week, Check Point CEO Gil Shwed asserted that despite the constant drumbeat of stolen data, organizations need to also be concerned with the vulnerability of systems and their functionality.
If you think that the threat to internet-connected devices is overblown, consider this: A team at Ben-Gurion University discovered just how easy it is to hack smart devices. “It only took 30 minutes to find passwords for most of the devices and some of them were found only through a Google search of the brand. Once hackers can access an IoT device, like a camera, they can create an entire network of these camera models controlled remotely,” said one of the researchers.
Another team of ethical hackers showed how vulnerable a house and its safety can be. A family in Ontario was using a Wink Connected Home Hub, which let the family use a smartphone app to control the home’s front door. Using a phishing email and a fake Wink website, the team of hackers tricked the one of the targets into handing over her login information. After gaining access to the account, the hackers were able to unlock the family’s front door.
So, what to do? Recently, The Financial Times wrote about how security experts manage their own network of smart devices. Orli Gan, head of threat prevention solutions at Check Point, and her husband, Ory Segal, have more than 30 internet-connected devices at home. “We periodically perform penetration tests and occasionally ‘hire’ out expert friends for additional validation,” she says.
Okay, so not everyone has access to the expertise and resources held by security experts. But, consumers can still keep themselves safe by changing default passwords and keeping software up to date. Awareness is key.
We have clearly entered an era where it’s up to owners of connected devices to be responsible for their usage and security. While some legislation is in the works, it’s still a far cry from being an effective safety net.
For those responsible for their organizations’ security, consumer issues are still important. Because the reality is that in today’s word, the traditional borders between work and home have blurred.