Cybersecurity blog Cybersecurity blog
A Ghost in the Machine? – Smart Homes and Cyber Security
Facebook Twitter LinkedIn

A Ghost in the Machine? – Smart Homes and Cyber Security

blank
Guðrún Vaka Helgadóttir
5 min read ∙ Oct 27, 2022
blank

Because it’s almost Halloween, we have a scary story to tell you. While we love the saying “work smarter not harder” – there’s smart and then there’s too smart. With connected smart home appliances, or the Internet of Things (IoT), our homes are now more vulnerable to cyber security attacks than ever before. It’s a scary thought and we absolutely should worry about it. However, if you worry about smart homes and cyber security, we’re here to help.

First, watch our new and totally scary video about smart homes and cyber security. It’s almost as scary as our dedicated Halloween video and blog from last year!

The rise of the smart home

Smart and connected devices are great. They make our lives easier, more fun and can be controlled from anywhere. We have speakers that we can talk to, fridges that keep inventory, light bulbs that create any ambiance we want, and dish washers that ping our phones when they’re done. Now if we could just get the washing machine to load itself life would be pretty darn great.

White smart device speaker inside a home with light on. Could be used for cyber attack.

All this connectivity and automation, however, means that these smart devices are a target for cyber criminals. If they know which devices we have, they could potentially hack into them and get sensitive information off them. For example they could get your router name and password, opening the door to your home even further. Or you could be one of the unlucky Roomba users who got their picture taken while on the toilet and the images posted on Facebook! This is why it’s important to take cyber security extra seriously when you have a smart home.

Why do hackers love smart homes?

There are numerous ways that hackers can exploit your smart devices. The most popular one is to hijack them and use them in botnets (robot networks). That means that your smart devices become small cogs in a much larger machine. The botnets are made up of hundreds or thousands of hacked computers and devices. A botnet is built to perform DDoS (Distributed Denial-of-Service) attacks, steal data, send spam and allow the attacker to access the device and its connections.

Smart home device lightbulb shining inside a home. This device could be used in a cyber attack.

Because people often don’t think of cyber security when they start using their smart devices, they are easy targets. Additionally, the typical IoT device has no security features beyond a default password. There are even botnets built for the sole purpose of looking up and hijacking vulnerable smart devices to hack. It’s a vicious cycle really.

Scary smart home stories

We’ve heard stories of cyber security attacks on large companies done by toasters and coffee machines. It might sound funny, especially if it wasn’t your toaster. However, to the companies and to the people who simply wanted a toast or a coffee, it was not that amusing. Even worse are stories we’ve heard of security cameras, doorbells and baby monitors that turn on their owners. These devices can help keep our homes safe but if compromised can be used to spy on us, disturb us and even rob us. And how about stories of devices that simply gave up their owners’ social media information and passwords? Those traitors! This should be enough to scare the bejesus out of anyone!

Inside a smart home. White robot vacuum cleaner working. Connected to the internet this smart device could be used for a cyber attack.

Your smart devices know a lot about you. The vacuum cleaner knows the layout of your home, your watch knows where you are and stores a lot of your health information. Your doorbell knows if you are home, and your security camera can verify it. Also, many of your devices have seen you naked! Getting access to just one of those devices and the information they store could be very lucrative for criminals.

Outsmarting the smart devices

Before you decide to connect any smart device to the internet, keep in mind that this device might be hacked or compromised if a cyber security vulnerability is discovered and exploited. It can be difficult to find and install security and firmware updates for IoT devices. With those risks in mind you might want to research the device you are thinking of buying or setting up. Find out if it has known cyber security flaws and how to update and secure it.

Here are some tips to make your smart home more secure:

  • First of all, whether you have smart devices or not, secure your home Wi-Fi by changing the default name, user name and password.
  • When buying new devices, especially home appliances, consider whether it really needs to be connected to the internet.
  • Change the factory default usernames and passwords of all your smart devices to make them harder to hack. If you use services such as Amazon Echo or Google Nest, it’s also a good idea to change the default “Alexa!” or “Hey Google!” voice prompts. Enable multi factor authentication whenever possible.
  • Make sure to check for updates and keep your IoT devices updated.
  • Operate your IoT devices on a separate network within your home rather than the default network that you use for work and personal matters.
Inside a smart home living room. Connected speakers near the ceiling could be used for botnet cyber attacks

Finally, make cyber security a priority whenever you connect anything to the internet. Don’t use the same password for all your devices or give just anyone access to their controls. Some things are better left unconnected.

blank
Guðrún Vaka Helgadóttir
5 min read ∙ Oct 27, 2022

Become cyber secure

You and your employees are going to love AwareGO. It’s a modern, cloud-based system for managing human risk, from assessment to remediation. We’ve made it super easy — schedule your first assessment or training in minutes.

Get started for free and give it a go right now.

You’ll love the way AwareGO can fit into your existing infrastructure. Our robust APIs, widgets, and content available in SCORM format make sure that the integration is seamless. We also integrate with Active Directory, Google Workspace, and popular tools like Slack and Teams.

Contact us and our experts will recommend the best way to integrate.

Upgrade your cybersecurity business by adding human risk management to your existing portfolio of services. Increase your deal size by leveraging Human Risk Assessment or offering Security Awareness Training to your current customers and creating a new revenue stream.

Contact us to become an AwareGO partner, and we will support you every step of the way.

Join top companies worldwide in the mission to make workplaces cyber-safe

Get started free
blank blank blank blank blank blank blank blank blank blank