Can Your Smart Home Devices Be Hacked? 4 Things You Need To Know
In this day and age just about everything we own has a digital footprint, which is incredibly helpful in many ways. We can access information in the blink of an eye and there's less of a need to clutter our wallets and purses with loyalty rewards, insurance, membership, or — if you're a real digital purist — credit cards. After all, apps like Google Wallet can carry all of that for you. Not to mention the incredible number of pictures you can keep to be shown off with the click of a button rather than needing to wait until somebody visits your home. So many smart gadgets on the market turn our simple homes into technological marvels where convenience is prioritized.
Say a magic phrase and the lights or TV will turn on and off. You can take a gander at who is at the front door without even being home. However, that convenience comes with its own risks. While you might not care if somebody hacks your smart refrigerator because the worst they can do is adjust your grocery list, it's concerning if a bad actor gains access to a smart baby monitor or video cameras. While the world might be filled with a majority of decent and goodwilled people, there are always those who don't have the best interests of their neighbor at heart.
Bottom line, yes, smart home devices like a Ring Battery Doorbell Pro or a Vosker VKX security system can be accessed by outside parties with enough knowhow or the correct set of credentials, such as compromised login information. Luckily, there are plenty of precautions you can take yourself to maintain the integrity of such gadgets and give you some peace of mind.
Wi-Fi security is paramount
The worst thing any smart home device owner can do is neglect the security of their Wi-Fi router. The default password for routers is typically generic and it's not difficult for hackers to find passwords supplied by manufacturers online. As soon as you connect a new router and complete the setup process, change the password to something stronger. Don't use the same password you're using for Instagram on any other device. Security starts at the router, so its uniqueness is paramount. Additionally, create a new service set identifier (SSID). This is the name of your Wi-Fi network. It's harder for bad actors to identify your router when it's not a generic SSID.
Furthermore, you need to ensure that the security protocol your router uses is turned on and that it's using the highest possible protocol. Older devices use a WPA2 encryption but newer ones are capable of WPA3. This higher security protocol became standard on most routers built after 2020, so if you have one that predates 2020 and want to upgrade to something the best firewall encryption a router can offer, the TP-Link AXE5400 Tri-Band WiFi 6E Router is a high performing and secure option. If you supply your own router, it saves you money in the long term with your internet bill. It's never a bad idea to update your outdated devices either.
Don't just update the physical hardware. You should also regularly check for firmware updates through the device's associated app. These software updates fix bugs in the system and sometimes provide new features.
2FA and MFA are your friends
If a smart device offers two-factor or multi-factor authorization, then take advantage of it because those methods are going to be more secure than only using a password. Even with your password, a bad actor can't gain access to your account or device without an additional form of authentication. This is usually a text message, an email, or a pin, which requires them to also have possession of your phone. This is one reason it's important to use a different password for your router because if it's the same as your email, it wouldn't be too difficult for a hacker to gain access.
Several well-known corporations like Google and Microsoft have authenticator apps that you can connect to your accounts, improving the protection around your smart home devices. More IoT devices utilize additional forms of authorization these days, so you don't have to go with a third-party if you don't want to. Just ensure that you set them up when you're setting up the device so you have that extra layer of security from day one.
As the FBI warns in its website, "Unsecured devices can allow hackers a path into your router, giving the bad guy access to everything else on your home network that you thought was secure."
Keep your smart devices on a separate Wi-Fi network
Hackers are clever criminals who can find their way to your most sensitive information through your smart gadgets. It's especially easy for them if your smart devices are on the same network as your computer. It's essentially a highway from one device to another. The FBI highly recommends that you keep your smart devices on a separate Wi-Fi network as an extra security precaution. While you might think that a hacker getting into a smart home appliance like the fridge or thermostat is benign, that's just an access point for them. Once they're in there, they can potentially find a route to the files on your computer or the data on your phone.
However, most routers come with a 2.4GHz and 5GHz band. This gives you the opportunity to put your IoT devices on one network and the devices with sensitive data you want more secure on the other. Many routers also let users setup a guest network that's meant for times when family members or friends visit for an extended period. It gives them access to the internet but keeps them away from shared folders and printers. If malware ends up infecting one of these separate networks, it's unlikely to find its way to your main network that has personal information on it.
Avoid certain brands and limit yourself
Do your research before buying an internet-connected gadget. You may want a certain appliance to make life at home a little more convenient, but don't get a no-name brand off of Temu just for the sake of convenience. Yuvraj Agarwal, a computer science professor at Carnegie Mellon, told The Wall Street Journal, "If it costs $5 for a smart plug, most of it is not going toward thinking about security and privacy first."
If that doesn't tell every security-conscious consumer out there the exact type of devices to avoid, we don't know what would. Mainstream brands invest more in security and ensure there are regular updates to keep up with newfound bugs and security issues than smaller companies, so it's safer to stick with well-known names. Look for brands that list what their security protocols are and the processes they utilize. A brand that regularly performs penetration tests (often referred to as a pentest) like Arlo is going to be safer than one that doesn't.
More importantly, don't get carried away with smart appliances. The more IoT devices you own, the more pathways there are for bad actors to infiltrate your life. If you are concerned with somebody gaining access to your Amazon Alexa or Google digital assistant to eavesdrop on your conversations, don't keep one in an office space or anywhere you might discuss sensitive information.