Imagine this: a friend is experiencing some significant life challenges, and out of the goodness of your loving heart, you invite him to stay at your house just “for a little while” until he gets back on his feet.
Time passes. More time passes. Even MORE time passes.
Until eventually, your friend is enjoying the good life at your expense! He doesn’t offer to contribute to paying for groceries, utilities, or any other costs. He also makes a HUGE mess all the time, and when you’re not around he throws wild parties that cause damage. So basically, he’s not a friend anymore. He’s a frenemy who is living 100% rent-free.
Does this make you happy? No. It makes you miserable!
Well, hopefully, you are not stuck with a world-class freeloader (think of the hilariously stupid 2006 movie You, Me, and Dupree). But if you have a smart home, then there is a chance that you are in fact allowing several security risks to live rent-free in your home. For example:
Smart home devices want to learn all about you, so that they can make your life easier and more convenient. But guess who else is interested in all of your personal information, such as your credit card numbers? Cybercriminals.
To protect your data, avoid sharing financial information with smart home devices, and provide as little personal information as possible (such as your date of birth). And if a smart home device vendor reports a data breach, then take immediate action to minimize your risk exposure. In most cases, the vendor will offer free credit monitoring for a period of time (e.g. 1 year), so that you can detect any suspicious or unauthorized activity.
In some cases, smart home hubs (which connect all smart devices on a network) are protected — or better stated, unprotected — by weak passwords. This makes it easy for hackers to gain access to the hub and tamper with various devices. To prevent this vulnerability, always use strong and unique passwords, and two-factor authentication (2FA) for devices is a must!
In a way, it is rather comforting to imagine that hackers — as dangerous as they are — are somehow located far, far away in another country or continent. But that isn’t necessarily the case! They can literally be steps away from where you live, and your smart home devices could be the reason. Consider this: in 2018 it was revealed that hackers “tricked” Google Home and Chromecast-connected smart speakers into sending them the specific location data of users around the world. The vulnerability has since been patched, but the incident continues to serve as a warning about what could be possible.
What is the security advice in this case? First of all, never click on any suspicious links (the seasoned IT pros out there may not need this reminder, but remember that other people in your household may be less savvy when it comes to security!). Second, if possible, then it is a good idea to maintain a second network that is exclusively for smart home devices.
One of the biggest reasons (and for some the number one factor) for making a home “smart” is to make it more secure through devices like smart door locks and smart surveillance cameras. But ironically, these devices can have security loopholes that enable hackers to unlock doors and disarm cameras — thereby rendering a home defenseless. In fact, hackers can even go a step further and lock people out of their own homes!
As chilling as this risk is, the good news is that it’s not especially common. Frankly, most burglars that target a home will try to gain entry the old-fashioned way through a door or window vs. attempting to electronically circumvent the alarm system.
Still, if you’re concerned about this vulnerability, there are a couple of proactive things you can do. First, ensure that your home security devices are “jamming resistant.” For a list of reviews and recommendations, check out this article by Consumer Reports.
Second — and although it may seem counter-intuitive — do NOT plant one of those little signs in the front of your home that says “Protected by [Name of Company]” (or something similar). Why is this a bad idea? Because when burglars know what kind of smart home security system you’re using, then they can use tools and techniques that they know will work.
Experts say that if you feel safer with some kind of signage, then keep it generic. Basically, you’ll tell would-be burglars: “Look, there is a really sophisticated smart security system in place here — but I’m not going to tell you which one, so you’re really better off just skipping my house because it’s not worth the risk.”
A hacker who gains access to your smart thermostat or appliances could cause severe damage to various appliances and systems (such as your HVAC system). Not only could this lead to thousands of dollars in repairs, but it could trigger a fire or flood.
Now, does this kind of thing happen every day? Not at all. But it is a possibility that you should at least consider. A practical way to reduce your risk is by choosing smart home devices that allow you to lock in settings, which makes it harder (although not 100% impossible) for others to change.
Smart speaker hub devices are always listening, because their job is to obey your commands. But did you know that these devices transmit recordings to Amazon and Google for analysis? And that’s not even the biggest threat. Hackers could potentially exploit security loopholes and break into smart speakers, and subsequently issue their own commands or harvest prior recordings. Scary, huh?
To protect your privacy, occasionally delete stored recordings, avoid pairing smart security devices (e.g. smart cameras and smart door locks) with your smart speaker, and always turn off your smart speakers when you're not using them.
Relying on outdated, threat-prone software on smart devices is another major vulnerability. To lower your risk, only buy smart devices from reputable brands that make security a top priority. It is also wise to set your devices to automatically update when new software is available.
Smart homes are amazing (and you get to pretend like you’re on the bridge of the U.S.S. Enterprise giving out commands!). And it’s probably a safe guess that within 20 or 30 years, most homes will be smart — to some extent, at least — and what seems novel and fascinating today, will be viewed as normal and ordinary in the future.
However, as convenient, efficient, and just plain COOL as smart homes are, it is vital to realize that there are security risks. Being proactive and eliminating (or at least, significantly reducing) vulnerabilities and risks will help ensure that your smart home remains an asset — and doesn’t become a liability.
BONUS ADVICE: Watch Out for Catware!
By the way: even if you address all of the vulnerabilities listed above, there is still one other threat vector that you need to keep in mind if you’re away from home (or even out of the room). Yes, I am talking about dreaded CATWARE. What is this nefarious threat? Let me tell you a story:
A few years ago, my wonderful colleague Laurence was at home working on a paper for a university course. She had Facebook open in the background, and went to the kitchen to grab a quick snack. That’s when her cat decided to jump on the sofa and walk all over her laptop — and as a result, he sent a bunch of messages to random people on Facebook! I can only imagine the look on Laurence’s friends’ faces when they received messages from her like “lsadblashdfosdhigs” and “lekhflshdg.”
So, like I said, if you’re a cat owner, then watch out for catware (also applies to dogware, bunnyware, parrotware, hamsterware… you get the idea!).