Secure the gadgets you already own and scope out new products with security in mind
Smart home technology is changing our homes. Today, we live side by side with no shortage of smart devices which make our daily lives easier in various ways. At the same time, these gadgets can create opportunities for attackers.
With new smart home devices being announced at CES earlier this month, Avast security experts are encouraging tech-savvy individuals across the globe to shore up their home security when buying new smart home technology.
Further reading:
Make sure your in-home IoT is secure
What IoT security risks are lurking in my home?
Locking down privacy and security in my smart home
“Smart home devices can entertain and save us time to enjoy the things that matter, but they can also become liabilities with cyberattackers eyeing them as soft targets. Cyber attackers can exploit the security weaknesses of smart home devices to gain access to your household networks to take sensitive data or even more alarmingly, to take control of your devices and monitor you and your family,” said Luis Corrons, Avast’s Global Security Expert.
The Covid-19 pandemic has sparked a mini-boom in connected devices as people look to improve their "at-home" lifestyles. Research from Avast shows that the share of global households that have five or more devices grew from 52% in December 2019 to 55% in September 2020.
For those looking to upgrade or start investing in smart home technology this year, consider buying devices from well-known reputable manufacturers which are more likely to have more security features and provide device updates so firmware can be updated with latest versions and patches. When you set up your device, ensure you change the default password to something complicated and consider installing a digital security product — like Avast Free Antivirus — that allows you scan your local network for unsecured IoT devices.
Here are some simple steps to help reinforce the security around your smart home devices:
- Take the time to pick the right smart home devices. When buying a new smart home device, consider buying products from well-known reputable manufacturers. They are more likely to have produced devices with security in mind. Also check that they provide security updates so firmware can be fixed if required. Before you add a new connected device to your network, take the time to understand everything about it, including how it collects and uses your data and the device features to ensure you understand what you can disable for extra security.
- Change default password. Take this as a rule for any device that comes with a default password, not just your Wi-Fi router. Always change the default password to a complex password, which should be a combination of capital and lowercase letters, numbers and special characters if possible. By choosing not to update default login data, homeowners are making it easy for hackers. Most bad actors can guess a default password, allowing them to breach a network and even link a smart home device to a botnet, a collection of internet-connected devices controlled by cyber-criminals.
- Set up two step authentication. Where possible, homeowners should also strengthen device security by using two-step verification, a process where two authentication methods are needed to gain access which can help prevent attacks if your password is discovered.
- Update ASAP, always. It cannot be stressed enough — keep the firmware of your IoT devices updated with the latest versions and patches available. The cause for most of these updates is because a security flaw has been found and exploited in the previous version. You want to stop running that compromised version right away. Also when considering a new IoT device, take a look at its update process. Make sure it’s easy and straightforward and that you are notified when a new update is ready.
- Consider splitting your home network. Splitting a home network in two could also be beneficial. As part of their recommendations for robust digital security, The Federal Bureau of Investigation has suggested homeowners keep devices carrying sensitive data - such as a laptop and smartphones - on a different network from those supporting smart home devices. By using this set-up, a hacker would not be able to directly access a personal laptop if they breached a smart home device. This network could also operate as a secondary network for guests; protecting sensitive devices if their bad browsing behaviour leads to a security problem.
- Consider cybersecurity. Everyone’s protection is in their own hands these days, so it’s a good idea to call in reinforcements for peace of mind. Consider installing a digital security product that assesses your IoT devices connected to your network, reporting anything abnormal. Wi-Fi Inspector, which is part of Avast Free Antivirus and Premium Security, runs locally on a user’s personal computer and performs network scans of the local subnet to check for devices that accept weak credentials or have remotely exploitable vulnerabilities, alerting users to security problems it finds.
- Erase your personal data from old smart home security before disposing. If you are getting rid of older smart home security products, make sure that you erase all your data and personal information, delete your account if you no longer need it, and perform a factory reset of the device. Also, make sure to remove the device from your online accounts, networks or apps that you have linked them to.