EXECUTIVE SUMMARY:
Discover how you can keep your smart home devices more secure. Did you know that smart device exploits can lead to major business breaches? Join Check Point’s security researchers, Yaara Shriki, Dikla Barda and Roman Zaikin, for an incredible, informative and in-depth interview about smart home devices.
For those who rely on Amazon’s Alexa, or similar smart home devices, what security steps should be taken to prevent data theft?
Treat your smart speakers as you treat your mobile phone and don’t install unfamiliar apps on your smart speakers.
Be careful what sensitive information you share with your smart speaker (e.g. passwords, bank accounts). Be suspicious, if your smart speaker asks for sensitive information think twice before sharing it with the speaker.
Read up about an app before you install it and check what permissions it requires – nowadays anyone can create smart assistant apps and ask for permissions they don’t necessarily need for the app.
When Alexa or similar devices are exploited as gateways to home networks, what types of attacks can hackers then launch?
Attackers who previously infiltrated the home network may install malicious application on smart devices and conduct several types of attacks, such as data theft, denial of service, botnet. They can also leave a backdoor that would allow them to maintain access to the network.
Attackers may access all devices connected to the home network of the user, such as cameras, smart door locks and other smart home appliances, and use them to eavesdrop, spy, or collect other data on the user.
How can business leaders (who are working from home) prevent smart home device attacks from spreading into corporate networks? Should business leaders be worried?
- Business leaders should keep all connected devices updated to their latest version.
- Enable two factor authentications if possible.
- Isolate the home network from the corporate one by using firewalls.
Business leaders should keep in mind that during the COVID-19 epidemic there is an increase in the numbers of attacks on home networks and they should be ready to any scenario.
How common are smart home device vulnerabilities compared to other types of vulnerabilities?
Cyber attacks on home IoT devices have increased tremendously during the past years due to the increase in the numbers of IoT devices being deployed around the world. Smart home device traffic is mostly unencrypted which exposes personal data on the network. Compared to smartphones and PCs, smart home devices lack the proper security measures and are inherently more vulnerable than other devices.
About the researchers:
Yaara Shriki: Yaara Shriki is an experienced security researcher at Check Point Security Technologies. She is an IDF technological unit graduate with experience in penetration testing, vulnerability research and forensics. Outside of work, Yaara volunteers to promote women and girls in tech.
Dikla Barda: Dikla Barda is a Security Researcher at Check Point Security Technologies. She has over 6 years of experience in the field of cyber security research. Her research has identified vulnerabilities in over 100 companies and organizations including major vendors like: Facebook, WhatsApp, Telegram, AliExpress, LG, DJI, TikTok, Alexa and more. Dikla is an active volunteer with high school students, training the next generation of cyber security experts in Israel. In her free time she develops hacking tools, and participates in bug bounty programs.
Roman Zaikin: Roman Zaikin is a Security Expert at Check Point Security Technologies. His research has revealed significant flaws in popular services, and major vendors like: Facebook, WhatsApp, Telegram, eBay, AliExpress, LG, DJI, Microsoft, TikTok and more. He has over 10 years of experience in the field of cyber security research. He spoke at various leading conferences worldwide including Black Hat Vegas 2019 about WhatsApp Protocol Decryption and Chat Manipulation. Roman loves technology and want to know exactly how things work behind the scenes at lowest level of the bit and the bytes.
Did you find this interview useful? Check back for our next piece in the smart home device series.
