IoT Security: Smart homes are vulnerable
Remote-controlled light switches, automated thermostats, “talking” audio and video players, networked cars or interactive toys for our children: In the Internet of Things, many devices in Smart Homes can be connected to a network and thus considerably increase comfort in everyday life. But in many cases this convenience is at the expense of IoT Security.
The European IT Security provider ESET was interested in how exactly this security and privacy in the constantly growing number of networked households (Smart Homes) is. To this end, ESET under the direction of the renowned expert Tony Anscombe conducted a practical test of a selection of IoT devices for Smart Homes. The result: some of the devices have significant security deficiencies – and some of them also collect large amounts of data without permission, as the published whitepaper shows.
Anscombe’s team classifies language assistants as the most problematic. It is to be feared that the information collected will be disseminated and used commercially. In addition, the protection of stored personal data is at best inadequate. This makes it easier for cybercriminals or data thieves to intercept digital traffic and misuse the information for their own purposes.
Smart homes are not defenceless
No device/software is safe or immune from potential vulnerabilities. However, there are significant differences in how companies react to this problem when it is discovered. Some of the devices tested had security holes that were quickly plugged with new software and firmware. However, if such risks are not eliminated immediately or the manufacturer does not react at all, then interested users should rather choose a different, equivalent device, the experts advise. Smart homes can be operated securely and safely even today with a sense of proportion and caution.
Tips for safe Smart Homes
Consumers should not put their trust in the safety promise of the devices used. With these tips, users protect their smart homes against espionage, data theft and other attacks and increase their IoT Security.
- Always up-to-date firmware
The firmware of the device should be updated automatically by the manufacturer. At the very least, however, you should be regularly informed about updates via an application or e-mail in order to be able to install them promptly.
- Take data protection seriously
- Limit the flood of information
Caution is advised when exchanging data on social networks or with a provider’s systems. For many cybercriminals, this sharing of location, device and usage patterns is sufficient to obtain enough data for fraud or attack.
- Don’t reveal everything
Digital speech assistants are undoubtedly practical. However, users should carefully consider how much they tell their assistant or ask him/her to collect on their behalf. Even though voice control is convenient, there is no complete assurance that your voice information will not fall into the wrong hands.
- Build a barrier
If possible, you should also protect the devices in the smart home effectively against attacks.
Not completely altruistically – but justifiably – the testers point out that such a protection is offered for example by the ESET Smart Security TV App. It protects Smart TVs and other devices with the Android TV operating system against Android malware, ransomware or data theft.