With everyone jumping on board with Amazon Echos, smart thermostats, smart lighting, and a plethora of other devices designed to make your life easier, is there an increased awareness of exactly what security vulnerabilities Internet of Things (IoT) devices can bring into your home?
When configured correctly, smart home devices offer great energy savings and convenience. When configured incorrectly, they offer an always on, and sometimes very easy way into your private living space – often with the owner being none the wiser.
One of the main vulnerabilities when it comes to smart home devices is default passwords. These are the passwords that are set on your device in the factory and can sometimes be as simple as admin for the username and admin for the password.
Positive Technologies did a study in 2017 using the website shodan.io (a website which advertises itself as the world’s first search engine for IoT devices) which analysed the number of devices which still have default passwords. They found that as many as 15% of devices still had default login credentials. The scariest part of this is that some of these devices are internet connected cameras.
Earlier this year in May, the BBC showed a couple called Alan and Jean. After their shed was broken into, Alan decided it would be a good idea to invest in some cameras to keep watch on their house. What he didn’t realise was that anyone online could now see directly into his house at all times.
Dangerous devices are not limited to just cameras. Other smart devices can not only be dangerous to you, but also to others.
IoT devices are increasingly being used in Distributed Denial of Service (DDoS) attacks. The idea of a DDoS attack is to overwhelm a target with a flood of requests. IoT devices, while not very powerful, offer a large number of devices spread out across the world. A large attack from one place is easier to mitigate because you can just block that place. If the attack is coming from 1 million different places, it becomes much harder to distinguish real traffic from the DDoS traffic.
What can I do to help keep my smart home safe?
If you aren’t sure whether your smart home is as safe as it could be or you would like us to set up some smart home devices for you, please get in touch and we will be happy to help.