Each device is a doorway
Consumers are often disarmed by the seemingly innocuous nature of the new connected devices they bring home – after all, these are still perceived as just refrigerators, vacuums and thermostats albeit slightly updated versions of the appliances they are replacing. How can they possibly be used to do harm? In reality, as soon as we connect these devices to the home network, we are always creating new risk that they may be used as an entry point or an instrument for hackers. Over the last couple of years, connected home devices have become an integral part on the cybercrime battleground. Here are just a few recent headlines:
- Hackers have successfully use a “botnet” of infected domestic devices that included smart televisions and refrigerators to send out SPAM email campaigns unbeknownst to their owners
- Laptop cameras are hacked to eavesdrop on their owners for the purposes of extortion/blackmail
- Hackers gain control of security and drive systems of new Jeep and Mitsubishi vehicles, allowing them to not only steal the vehicle but also interfere while you are driving it
- Researchers show that a simple physical hack of the Nest thermostat can give hackers access to you Wi-Fi password and tell them whether you are home or not
- Security researchers hack a Samsung smart refrigerator to steal the owner’s Google account credentials
- Hackers intercept video and audio feeds of internet-connected baby monitors
Why are consumer devices suddenly so vulnerable? Security researchers indicate that quite often these devices lack even very basic security safeguards. Many traditional consumer technology manufacturers are simply not used to making security design and testing a part of their R&D cycle. Fixing this will require them hiring security experts and altering their engineering processes.
Things will certainly improve in the long run, but for the time being, one thing is clear. It’s time to become much more defensive and involved with the technology and information in our homes. 20 years ago, your home castle was protected by the deadbolt and a security system monitoring your front door. Today, we have installed dozens of new doorways in our households. Some are protected with military-grade security, and others with a digital equivalent of a wire twisty tie. Do you know which ones are which?
As much as I love the idea of a smart fridge that can inventory my produce and automatically order milk and eggs, until I can determine its impact on security, I am not going to connect it to my network and give it credentials to my email and my online shopping accounts.
In the upcoming posts I will begin exploring the technologies and best practices to help protect your family’s information and devices.