Google and Amazon have been pushing us to buy smart connected devices for the past year or so, and as their offering of controllable devices, apps, media subscription services increases, the viability and usefulness also increases. And, just as Moore’s Law predicts, as the processing power increases exponentially, the price of entry decreases. Indeed, in order to secure their device’s place in your home, you can find offers on Minis, Dots, hubs bundled with lights etc. for at least half of the usual retail price. Their theory is, once you adopt one device or another you’ll have no need to buy the other since they effectively do the same job. Once you’re tied in they’ve got you for life. As we see every day in tech purchasing, brand loyalty can become deeply entrenched.
Smart Home Devices are being pushed by the major high street retailers. Home entertainment, TV subscriptions, lights, sound systems are all on high rotation during the ads, online marketing is placing the ads in front of us when we’re scrolling on Facebook, Twitter and Instagram, making the Smart Home Option almost inevitable. We see the advertised advantages, but what are the down sides?
As mentioned above, brand loyalty means that once we’re locked in we’re unlikely to change to another platform later down the line. There are some things we shop around for, and others, like bank accounts, energy and data providers, that we don’t. We’ll put up with a lot of inconvenience, price hikes, changes in contract conditions, and poor customer care before we migrate. The reasons being that we don’t know if when we move we might get something worse, and closing down contracts and setting up new ones is often seen as more hassle than it’s worth.
The ads also make it look like their devices are easy to ‘plug and play’ out of the box. Plug it in, switch it on and ‘BOOM!’ you can talk to every bit of kit you own. The reality is they can take care of several functions as soon as you start giving it juice, but to get the most out of it takes time and training. You need to teach it to recognise your voice if you want to be able to tell it to “play my favourites”. You need to set security on all of your connected devices otherwise you leave yourself open not only to data abuse but burglary and fraud.
Burglary And Fraud? Just From Failing To Set A Strong Password?
You might think that’s scaremongering, but it’s been shown in several studies that failing to protect Smart devices against hackers can lead to people taking control of your tech. Someone being able to override your lights might not mean much, but if they can control your baby monitor or other listening devices they can gather data from you, including credit card details if you pay for things over the phone. Taking control of your intercom or door camera means they could let themselves in and then delete the footage of their activities.
Smart home security, including door cameras, CCTV, and intercoms which let you see who’s calling from wherever you are in the world are one of the most popular devices, garnering a lot of interest among home owners who are worried about intruders and want to put them off of breaking in. But in order for them to work effectively, sending data into the cloud so that it can be retrieved remotely, should there be a break-in, they need to be connected to the internet. And here’s where the security of the system can be compromised. They need to either connect to a base station or your home hub in order to be effectively controlled, and that means that if they don’t have a strong password they can be manipulated by anybody with an internet connection and a whim to steal your belongings.
People are also worried about the ‘always on’ technology which is waiting for you to speak the ‘wake word’ which starts it operating. Security is in place, for example you can’t change the wake word to anything you want. This means hackers can’t change it to start recording as soon as it hears ‘card payment’ should you be making a payment over the phone. But that doesn’t mean you can be complacent. Google’s handheld control doesn’t have a camera and it has a switch which allows you to turn off listening entirely, meaning you can only control it via the touch screen. It defeats the point of voice control, but it does allow you to control all of your smart devices without compromising that aspect of your security.
If you do think that hackers taking control of your connected devices is just scaremongering and the stuff of a paranoid imagination bear this in mind. Many of the most effective DDOS attacks bringing down government and corporate websites have made use of connected devices to send and demand data to the servers in question. So if you think ‘meh, it’s only a child’s toy/fitbit/smoke alarm/vacuum cleaner, I’ll worry about security for something important!” you’ve leaving your doors wide open to abuse.
You’d also be mistaken for thinking “yeah, but what burglar in my neighbourhood is going to be smart enough to hack into my home system and take it over?” As we’ve seen with credit card and account sign-in details recently, thousands can be obtained over the internet and sold on to those who can make use of them. Your burglar doesn’t have to be a hacker, he just has to be smart enough to buy the details that will enable him to turn off your security.
So, how to lock down your security to prevent hackers and fraudulent data abusers?
- Change the name of your wifi router so it doesn’t display the maker’s brand or your address. Also, change the password to something long and complex, and change it every time you let visitors use it. You trust them, but if their phone or tablet gets lost or stolen then the thieves have access.
- Don’t write passwords down anywhere they can be accessed later. Especially DON’T keep a record of your passwords on your computer! If you need to share a password with someone remotely, write it on a piece of paper, take a photo, and email them the photo (without naming it ‘photo of the password I wrote down for you’) instead of sending the password in an email. If you need to give the password to a visitor to your home, offer to input it for them.
- Make sure that as soon as you introduce new connected devices to your home network you change their names and passwords too. Data breeches all too commonly occur when a hacker knows what brand is being used and also knows their default security codes.
- Make sure that important security management can only be performed from a device which is directly connected to the router. Disabling wireless control means that only people who are sitting comfortably at your home computer or interfacing directly with the hub can make any adjustments.
- Make the network name unique, memorable and misleading. Calling the network after your home, your family name or any other name which makes the network identifiable as a home network located in your property is a bad idea. Instead try naming it after a school, library, police station or other local utility. You’ll know it’s your network, but anyone not in the know will be completely baffled. When it comes to password security, use at least a 12 character code. Random characters, numerals and capitalisation are the strongest, but also the hardest to remember.
- Once all your connected devices are tethered to the network you can even turn the SSID off. You’ve surely walked along the highstreet and seen the wifi of every shop and café show up on your available networks. Well, turning of SSID means that it won’t show up and can’t be found by any devices which aren’t already connected. Those that are will work perfectly normally and you can easily synch new devices as you buy them. However, nobody else will.
- Another way of limiting access and data breaches is to turn off Universal Plug and Play (UPnP). UPnP allows your connected devices to communicate with the internet, to pick up and download data updates when they are released by the manufacturer. The UPnP also gives hackers the opportunity to get into your devices, and therefore your home network. Once your devices are up and running it’s not very often you’ll need to install new software, and that can be sought from the manufacturer’s website, making it far easier for you to manage.
- The problem most people have with strong security through the use of passwords is that you need a long complex letter and number combinations which you need to change regularly. If it’s long and complex it’s naturally hard to remember, and if you change it often it’s easy to forget or get muddled. That’s why I write the password down on a piece of paper and photograph it and keep it without notes or any kind of name on my phone. You can show it to people, email it, send the photo via Bluetooth, and once it’s been shared and used, deleted and changed.
- Finally, turn things off. Devices on standby typically use on average a third of the power they would if they were being used. So that’s still a big power drain when you’re not even using something. Turning off unused items off not only reduces power use, every item which isn’t switched on when it’s not being used is another potential chink in your home security sealed. Ideally you would be able to power down the entire network, but since you need to be online for your CCTV and other security devices to work, get them securely locked down, turn everything else off and enjoy peace of mind.