How To Make Your Smart Home System Hack Proof?
In the movies, hacking seems dark and mysterious, with numbers flying past the screen in green and black while the evil villain/genius hero types frantically, eventually breaking the password.
In reality, things are a little less black and, er, green, but any system on a network can be hacked, so it’s best to take precautions.
WHAT IS HACKING?
Hacking is a term used to describe an invasion of your computer systems by an unauthorized source.
A hacker would typically be looking to gain access to information on your computer, or take control of them.
One of the downsides of having a smarter home is that you have more computerized devices, which means there are more things for a hacker to take control of, or information that they might obtain.
In terms of taking control, a lock is an obvious threat, but imagine if your television started changing channels at random or your lights flicked on and off. Irritation is a plausible problem too, because many hackers are not motivated as you’d imagine.
Hacking can also work the other way; many smart devices including speakers.
Previous hackers – keen to demonstrate the flaws in baby monitors – infamously broke into baby monitors with the two-way talk feature and spoke directly to children.
According CBS News, parents overheard a strange voice saying, ‘Wake up little boy, daddy’s looking for you.’
WHY DO PEOPLE HACK?
As well as the obvious opportunities for gaining the information or access required for a crime like theft, some hackers may have loftier intentions. Or at least that's how they perceive it.
Following the lead of Abertay University in Scotland, there are now six different institutions in the UK offering 'Ethical Hacking' as a course of study.
That's not to excuse their actions, but understanding that not everyone seeks gain does help develop countermeasures, and many hackers simply hack to demonstrate flaws in others systems, considering it to be a public service.
Flaws can sometimes be very easy to find; a team at Ben-Gurion University in Israel were able to find passwords for more than half the devices they tested.
The most common method was to Google the manufacturer's default password and use that - you have been warned.
WHO ARE THE HACKERS?
There is a tendency to presume that all hackers come from sinister foreign powers. In truth, that is far from the case (although many might be acquiring the skills in further education).
A recent study of universities showed that hacking of their own systems took place most commonly during the university’s teaching hours, with a dip around lunchtime.
It doesn’t take a genius to see that most of the attacks weren’t from far away and different time zones, but rather from students competing with each other to test their skills.
The lesson, though, is that those skills are out there, and becoming ever more prevalent. As you make your home smarter, you’ll also need to stay ahead of a smarter pack.
Some hackers even perform hacks from their vehicle, parking in your street in what is known as a ‘drive-by’ hacking. This is perhaps more worrying as they’re associating all they learn with your address, and might be planning a ‘real-world’ attack.
IS HACKING THE ONLY THREAT?
No. The other big problem is ‘malware’ – software with malicious intent that isn’t necessarily making a personal attack on you. If anything, this is the more common issue you’re likely to have to deal with.
Malware might want to implant itself on your computer (or, more accurately, the tiny computer built into each of your devices) and hijack their power to its own ends.
Even if it doesn’t affect the functionality, this will increase power consumption – especially irritating with battery-powered devices.
A common function of malware that implants itself in this way is to play a part in a DDOS, which stands for Distributed Denial Of Service attack. This is a brute force way of bringing down an internet service (like a website) by simply having many different devices asking thousands of things at the same time.
Conceivably your fridge might be playing its part in such an attack – just one bot in a ‘botnet’. This has already happened; digital security company SentinelOne identified them specifically in a 2016 attack on big sites Twitter, Etsy, Spotify, Netflix and GitHub.
Another concern is simple failure. One seemingly innocuous example of this happened to Alexa users in March 2018, when Echo devices spontaneously began laughing without any prompt, which was more than a little creepy for the users.
Amazon acknowledged (and fixed) the issue and said that the system was mistakenly hearing the phrase ‘Alexa, laugh’, but you have to admit that it’s also a good film start for a certain Gotham City villain.
WHAT CAN YOU DO?
STAY UP-TO-DATE: The first rule of hack-proofing is ‘Don’ be the weakest kid in class’. That is to say that you should keep all your devices updated with the latest software patches from the manufacturer.
In many cases this might seem like an irritation, but as soon as a weakness is discovered it’ll be shared with the manufacturer and you can be sure that they will work to fix it.
If your machine is more up-to-date – and thus stronger – potential hackers are more likely to go elsewhere.
Not all devices will auto-update; open the associated app and check the setting to force an update.
KEEP YOUR PASSWORD SAFE: Incredibly, one of the most common ways people hack other people’s Wi-Fi network is simply by looking through the window at the router and reading the password from the back of the device.
Are you still using the name and password that came with your device? Are they safe?
CHANGE INDIVIDUAL PASSWORDS: As mentioned above, the default passwords are easy to get hold of, quite often included in the downloadable product manual. Change these and you’ll make it a lot harder for most casual hackers.
USE PASSWORDS YOU CAN REMEMBER: It might sound counter-intuitive, but there is a strong argument for using passwords that are easier for you to remember but a bit longer, and a mix of letter (upper and lower case), numbers and symbols (if the system will allow it).
The more characters, the harder it is for a computer to guess if trying every possible combination, so just put together four random words and you’ve theoretically got a better password than a common word with one of the letters substituted for a similar-looking number.
USE A GUEST MODE: Many modern Wi-Fi hubs, including those supplied by BT and Virgin Media, allow you to add a guest mode. This means you can give visitors access to your internet connection on a separate Wi-Fi ID which does not have access to your home network.
This is useful as some smart home devices can detect any compatible devices on the local network and interact with them without the additional security required to connect from outside.
TURN OFF DEVICES YOU’RE NOT USING: If you leave your baby monitor on all day, even though you’re not at home, then not only are you wasting energy in standby mode, but you’re also giving potential attackers more time to connect and attack the security features.
DON’T USE THE STANDARD WI-FI NAME: Most routers that are provided by your internet provider have a standard format to their names and their passwords (letter, letter, letter, number, letter).
Hackers can find these online, making it much easier for a computer to guess your password in a drive-by hacking, so change both of these.