The threat of smart home devices is growing. It’s almost 2022 and the market for IOT or smart devices is exploding. In fact, one estimate predicts there will be 21 billion IOT devices by the end of 2021! This innovation explosion means it is now possible to purchase a kettle that we can switch on during our commute home. Or, we can tell our washing machine to start a delicate cycle from the office if we are running late. We can even tell our listening devices to change the channel instead of using the remote! Ultimately, our need to automate everything from our lighting to our shopping is causing an unprecedented surge in security flaws. As a result, smart device security threats are causing unusual and dangerous problems…
Smart Device Security Threats
A big problem with smart devices is that their design process often excludes any thought for their security. IOT manufacture usually focusses on providing consumers with maximum convenience as quickly as possible. As we know, where there is a focus on convenience, there is seldom any consideration for security.
Swatting
These new vulnerabilities that we are welcoming into our homes in the name of convenience are potentially fatal. Yes, you read that correctly – fatal! An example of smart device security threats is the phenomenon of ‘swatting‘. This trend is a new kind of malicious hack where the attacker will gain unauthorised access to their victim’s smart home devices. They then call the police from the resident’s device, impersonate the target, and report a violent crime in progress. Responses will often involve sending armed police (SWAT teams) to the address to forcefully resolve the situation (hence the term ‘swatting’).
Fatality
One man, namely Tyler Barriss was given 20 years in prison for causing the death of Andrew Finch. Mr. Finch, father of two, was mistakenly shot dead by an officer on his doorstep. Swatting is an extreme example of smart device security threats and it highlights the importance of keeping personal information secure. Whilst only likely to be a trend in America, mismanagement of smart devices can open the doors to all kinds of malicious criminal attacks wherever you are in the world.
Mitigation
It is recommended that you only buy smart devices from reputable manufacturers. Once you unpackage your device, there are then three things to consider. Firstly, as soon as you set up the device, make sure you change the default password to prevent unauthorised access wherever possible. Secondly, make sure your personal information (like your address and phone number) are not easily accessible publicly. Finally, it is good practice to regularly change your own password to limit the exposure created by data breaches. Keep all listening devices muted and blocked when not in use to prevent eavesdropping or vocal attacks. Also, place your devices with security in mind to limit the impact of nearby threat actors. For more advice, contact us.
Frequently Asked Questions
Most smart devices seldom include security by design. Every insecure smart device you have on your network can potentially be a security risk.
Common security threats include little or no password protection, poor network security, lack of a secure patch system, insecure data transfer and storage, insecure default settings and a lack of physical hardening.