Smart homes consist of many devices that perform different tasks and are connected to the Internet of Things (IoT). It doesn’t matter whether these devices are different from each other. What matters is what they do to make their users’ lives easier. Although these devices have revolutionized life in the home, they also create dangers that have never been seen before regarding the security of homes.
The number of smart home devices is expected to increase by about 17 percent each year until 2023.
This means that 1.6 billion smart home devices will be sold. This estimate is in line with the ever increasing use of smart home appliances around the world. The study “IoT Device Security: Locking Out Risks and Threats of Smart Homes” conducted by Trend Micro, one of the global leading companies of cyber security, also reveals different levels of possible attacks against the Internet of Things devices while examining different smart home attack scenarios in detail.
Smart homes make day-to-day life easier.
A smart home makes it possible for its users to have a comprehensive access to many features of their homes, even when they are far away. For example, users can monitor their homes in real time with a mobile application or web interface, or communicate with their children through a smart toy, or remotely unlock the smart lock for a trusted friend.
This and many other scenarios suchlike are quite useful if users have good control and viewability on their installed devices. However, if this control and viewability gets into the hands of malicious players, problems begin.
Devices in smart homes are under threat!
Vulnerability in devices, improper installation, and the use of predetermined passwords are factors that can cause cyber hackers to take control of at least one device in smart home systems. As a result of the capture of a single device, many actions based on the capabilities and functions of that device can be performed.
For example, an infiltrated smart toy can mean a direct risk to children. Cyber pirates can contact the child directly or record the child’s daily activities unnoticeably by using toys. Smart toys with vulnerability can be quite dangerous when infiltrating inside, although they are reliable for the child to play.
The study conducted by Trend Micro, gives an overview regarding scenarios that even the smart bulbs and robotic brooms are used by cyber pirates to disturb smart home owners, or obtaining their confidential information; as well as threats that can occur in various areas of the house, such as starting from the front door, living room, kitchen and bathroom.
What about outside the smart homes?
Although the study is based on the smart homes, the same problems apply to all areas where vulnerable or incorrectly set devices are used.
Many of the devices used in smart homes are also used in companies. Smart refrigerators and smart coffee machines can be found in a company’s kitchen or in-house spaces that employees use to take a break. In addition, many companies have smart bulbs that are used for the purpose of being the “Green Office”.
Portable and wearable smart devices also add a separate layer to the security concerns related to the internet of things, because these devices are accessible to both corporate and home environments. Devices such as smart watches are brought to the office by their users and they go home in the evening. Malware, which was transmitted by one of two environments, can become a major threat by infecting the environments where BYOD (bring your own device) policies are weak or lack of adequate security measures.
How can smart devices be secured?
Scenarios mentioned show how the Internet of things has been integrated with people’s lives rather than showing what cyber hackers can do with smart devices. And such integration can harm users while can make attacks on the Internet of things applicable for cyber-hackers.
Therefore, it becomes even more important that users secure their Internet of things devices in their smart homes. Followings are some precautions that users can take to secure and protect ınternet of things devices in their smart homes:
Mapping should be made for all connected devices: All devices connected to the network at home or company must be properly listed. Settings, usage information, firmware version and recent patches of these devices should be saved. Through this step can be knowledgeable about which devices need to be replaced or updated while determining the safety precautions that users need to take.
Pre-set passwords and settings must be changed: Should be make sure that the settings used by each device have strong security policies, and if they are not sufficient, they should be changed. Predetermined and weak passwords must be changed to prevent attacks such as brute-force attacks and unwanted access.
Security vulnerabilities should be identified: Patching can be a difficult task, especially for large companies. But patches should be applied as soon as they are published. For some users, patches might lead to disruption of their natural processes. In such cases, virtual patching should also be considered as an option.
Network partitioning must be implemented: Network partitioning should be used to prevent the spreading of attacks, and devices, which are thought to cause problems that cannot be removed from the network immediately, must be isolated.