It’s something that has been fictionalized in several movies and TV shows. Hackers gain access into a smart home and manage to remotely control smart internet-connected gadgets like the TV, thermostat, cameras and lights.
Watch this clip from the popular TV show, Mr. Robot, where hackers manage to remotely terrorize a woman out of her own home.
While it is scary to think that such a thing can happen in real life, it has already happened.
Researchers from Kaspersky were able to gain access to a smart home through a central control hub.
Even a simple smart gadget like a smart bulb proved to be a major vulnerability, allowing the researchers to access the entire smart home network and remotely manipulate other devices.
In another study, researchers were able to access smart devices through google searches. They simply searched specific device models or serial numbers to find the default password set by the manufacturer.
Since a surprising number of people don’t bother changing default passwords, they were able to access some smart homes.
Granted, most of these hacks have been for study purposes. But they show the scary side of smart homes.
Case in point: a recent report by the New York Times detailed how domestic abusers were attacking their victims by remotely accessing and controlling various smart gadgets.
How Your Smart Home Can Be Hacked
Hacking a smart home can be as easy as asking for your password or as hard as trying to break into NSA computers.
It all depends on how well each device is secured. Some devices have a lot of vulnerabilities in their code that can be used by hackers to gain access.
The most common loopholes arise when data is being sent between devices.
For instance, the Kaspersky researchers who hacked a smart home hub targeted settings transmitted from the cloud to the hub.
Smart home hubs are controlled either from smartphone apps or web portals. When you log in and change a setting such as the schedule for a robotic vacuum cleaner, the new configurations are sent to the hub from the cloud via the internet.
The hub in Kaspersky’s study used an unsecure HTTP protocol to transmit data, which made it easier for the researchers to intercept it.
Once they found the password and login details within the file that was being transmitted, the rest was easy.
There are several other ways your smart home can get hacked. Some are too technical for most of us to understand.
But generally, hackers take advantage of seemingly mundane information like IP addresses and device serial numbers to make the first hole in the wall. Soon, the entire wall is down.
On the user end, things like using simple passwords or sharing serial numbers can put your devices at risk.
5 Ways to Protect Your Smart Home From Getting Hacked
1. Buy from Trusted Brands
A Google or Amazon smart speaker is going to be much more secure than an off-brand Chinese-made smart speaker.
The same goes for other smart devices like robot vacuums, smart lights, WiFi thermostats and smart security systems.
These companies have a reputation to maintain and take strict security measures to keep their devices secure. They also have more experience with these kinds of attacks and are better prepared to defend against them.
2. Change the Default Password
You’d be surprised how many people continue using the default password set on their devices. One study found that around 15% of devices still used default password values and 10% of devices use the most common usernames and passwords that are easy to guess.
Seriously, it only takes a minute to change the default password on your smart device. Some devices will prompt you to change it during setup but others assume you are smart enough to do it.
When you change the password, make it as strong as possible. Here is a good guide to help you set up and remember strong passwords.
3. Change Passwords Often
Don’t just set up the password and forget. Good security involves constantly changing passwords at least once or twice a year to keep your devices secure.
Also change your passwords immediately if the manufacturer reports there was a hack or an attempted hack.
4. Don’t Buy or Sell Used Devices
You should never buy a used smart device.
I know you are thinking that you’ll just reset it and you’ll be fine. It’s not enough.
Those Kaspersky researchers I mentioned above found that even resetting a device does not completely remove data that can be used to access your home network.
Same goes for selling used devices. Even if you reset it, someone could still find something they can use to hack into your smart home.
5. Secure Your WiFi
Finally, make sure your WiFi network is secure. Hackers find routers to be an easy access route into smart homes.
Change the default password on your router, change the password often and keep the firmware up to date.
Here’s a more detailed guide for securing your router and home network.