Site icon Check Point Blog

Check Point IoT Blog Series: ‘Home, Smart Home’ – But How Secure Is It?

The smart home is often idealized as a domestic paradise — your fridge orders your groceries for you, your robot vacuum cleaner zooms from room to room, and changing the thermostat is as easy as pulling up an app on your phone. But beneath the surface of this always-on, seamlessly connected exterior, however, lie significant concerns about privacy and cybersecurity.

These concerns were dramatized in the Season 2 premiere of the cyber-drama ‘Mr. Robot’. The TV and stereo are switched on and off randomly; the water temperature in the shower goes from boiling to freezing, and the air conditioning is switched to Arctic temperatures. Someone hacked this fictional smart home, forcing the character to leave. Was this scenario a case of art imitating life, or just some Hollywood script-writer’s daydream? Just how close to reality was it?

Too close to comfort, in fact.

In 2013, reporters at Forbes described how they were able to get remote control of a smart home, enabling them to manipulate lights and water services. University of Michigan researchers revealed flaws in Samsung’s SmartThings platform that let them set off smoke alarms and unlock doors. Check Point’s research team found vulnerabilities in a streaming TV device that would allow hackers to access and control any other home network connected to the device.

The adoption of “digital assistant” devices such as Amazon Echo and Google Home presents an emerging challenge for smart home cyber-security. 35 million Americans use a voice-activated digital assistant at least once a month, and these devices, with their always-on microphones and highly personal data, are an attractive target for cyber criminals.

Just recently, Check Point discovered a vulnerability in the LG Smart ThinQ platform that may have allowed hackers to gain control over various home appliances ranging from ovens & refrigerators to a home bot cleaner. See for yourself how easy it is for a hacker .

Security First, Not an Afterthought

In many cases, smart home devices and platforms are designed primarily for connectivity and user-friendliness, with security coming as an afterthought.

Generally speaking, many of the devices have limited processor and memory capacity, which makes securing them difficult. And once a vulnerability gets discovered, any patch that gets issued will probably not be pushed automatically to the device… leaving it open for exploitation.

And even when the device has security features built in, it’s often the user’s responsibility to implement those features. Whether that involves setting up data encryption, changing the passwords, or downloading the latest firmware version, it’s well-established that most users don’t take cyber hygiene seriously enough: a recent survey found that more than 50% of companies using smart devices do not change the default password after purchasing.
If there’s one thing that we’ve learned in over 20 years in the cyber security sector, it’s that whenever a new computing device is launched… someone, somewhere, will figure out how to hack into it.

Outsmarting your smart homes

The good news is that there are practical measures that you can (and should) take to better secure the smart devices and networks in your home against hacking and digital intrusion attempts.

Here are our five tips:

  1. Secure your wireless network
  1. Create two separate Wi-Fi networks
  1. Keep your passwords strong
  1. Use a firewall to secure your home network
  1. Implement Firmware & Software updates
Exit mobile version