Whether it’s a smart door that can be programmed to unlock specifically for friends and family while you’re at work, or a connected collar for your dog that tracks its location, modern consumers are embracing the new world of IoT.
The “Jetsonian” home is here, but are we ready for it? As the novelty of connected objects begins to wear off, consumers are starting to question how much they’re prepared to give up security for convenience. The smart toaster might seem like a fun idea, but not if it’s a gateway to your sensitive information.
A recent Bitdefender whitepaper about smart home vulnerabilities reveals personal security is in serious jeopardy, as vulnerabilities are detected in everything from medical devices and connected vehicles to smart doorbells and even baby monitors. Many consumers are blissfully unaware just how vulnerable their homes are to serious cyberattack. Despite 70 per cent of Australians having heard of the smart home concept, an earlier Bitdefender study shows only 20 per cent were aware they lived in one.
Hacking your home
The average home is filled to the brim with connected devices. But many consumers fail to realise most of these devices are sold without in-built security mechanisms. Many also lack an operating system that supports the installation of security software agents.
Analyst firm Gartner estimates 20.8 billion devices will be connected by 2020. Recent Bain & company research predicts consumer applications of IoT will generate $150 billion by 2020. There’s no denying IoT is big business but every device represents a potential avenue of attack. Hackers will use these to get inside a home network and take control of other devices.
It only takes a weak password, careless browsing or a missed firmware update for hackers to retrieve private materials and potentially compromise other household devices.
The weakest link
The average smart home has 20 connected devices, with routers responsible for a significant amount of IoT breaches. At 59 percent, our research identified the router as the single most vulnerable internet-connected device. It’s hard to account for every device in your home but do you know the last time you updated the software apps on your Smart TV? Half of those surveyed hadn’t in more than a month. An even greater number (60 percent) had never done a firmware update on their wireless router.
Although these may seem insignificant, a recent Bitdefender vulnerability assessment found 95 percent of smart home vulnerabilities are in the firmware. Weak passwords were detected in almost half (45 percent) of phones, 16 percent of printers and 10 percent of personal computers. The password is a critical first step in effective cyber defence and yet many consumers leave themselves susceptible by failing to create one.
It’s easy for hackers to create botnets because of the exploits and misconfiguration of IoT devices. Unless communication is properly encrypted, cyber criminals can perform a man-in-the-middle attack and steal data sent between device and server. People are rushing to adopt new technologies but it’s important to recognise that IoT security is still in its infancy. The good news is that it isn’t overly difficult to improve defences.
Automatic updates only take a few clicks and very little technical ability. Creating a simple home security routine will help stifle cyber criminals and keep your data safe. Creating an official body to perform quality control tests before authorising connected products would be a great way to improve smart home security. In the meantime, consumers must take responsibility for securing their home network and understand the risks associated with poorly secured smart toys.