I am sure you must have heard about that FaceTime hack that allowed the hacker to eavesdrop on the conversation without the recipient knowing what’s going on? And how about the family from the US, whose Nest camera convinced them that a Nuclear attack was looming? All in all, a smart home comes with a plethora of benefits, but you won’t be at the fancy ends if one or all of the devices get hacked just because you were not careful enough. The word “Careful” here is a definition to many things at hand, and in this article, I cover extensively as to what defines carefulness and how can you ensure that your smart home has minimum to almost no chance of getting hacked.
Despite the dramatic headline of this article, there is no need for you to start unplugging your IoT (Internet of Things) devices from their plugs and go back into the stone-age. Instead, you can rely on the top 10 tricks that I have jotted down below for the easy references that would help you make your smart-home the most secure. Not as safe as the nuclear protection bunker! (Pun intended)
Smart home devices are the number one target for hackers around the world. Only because it gives them joy and liberty to access someone else’s personal data. It could be both for fame and money sake. But I am not here to dwell on how a hacker thinks and what are their primary goal behind initiating a hack.
Table of Contents
ALWAYS USE TWIN FACTOR AUTHENTICATION (2FA OR MFA)
For almost all of the electronic and smart devices, they come along with an option named as the twin-factor authentication. This feature is an excellent tool of protection from hackers and allows the user to have a code sent to their email ID or their mobile phone via an SMS. This second layer of security indeed has proven to repel the stringiest of the hackers out there.
Neglecting the 2FA is not a good thing at all. There was this one reported incident, where a hacker gained access to a Nest Security camera and convinced the baby to ramp up the heating at their home. With the help of 2FA, such incidents can easily then be avoided.
ALWAYS KEEP MULTI WI-FI SSIDS ENABLED
It is best advised to keep all of your smart home devices
and gadgets connected to the internet via your router on a separate and
dedicated VLAN. Wondering what that is? In simpler words, a VLAN is a channel
in which no external internet traffic other than the one permitted during its
configuration, is allowed. You can very easily assume that VLAN is a single
road, and no trespassing or opposite side traffic is allowed on that single
path. This segregation in the network will enable you to have a dedicated
environment for your IoT devices, which in results dramatically reduces the
risk of someone else infiltrating into the network via your shared Wi-Fi
passwords.
Best practice involves you to set up a “GUEST Wi-Fi” network in your broadband/home
router. Most of the ISP’s now provide you routers that have built-in Guest
Wi-Fi option. This dramatically reduces the factor of someone trying to peek
into your network, since the Guest profile is so minimal and disapproves the
user from doing anything other than basic browsing and social media.
Want to get a bit more techie? In your home routers, always ensure to use the WPA2 password strength as opposed to the WEP encryption policy. WPA2 is technically un-crack able till date. Well, don’t hold me for a ballpark figure, but the reported numbers on WPA2 passwords being cracked is meagre.
GET RID OF THE BUGGY FIRMWARE
With the invent of these modern smart gadgets, there is a chance that a hacker can quickly gain access to your device and then your whole network (meaning your smart-home) by merely exploiting a vulnerability in the code that the developer of the gadget accidentally missed correcting. This can wreak havoc if you are a kind of person who always clicks on “REMIND ME LATER” when your smart device asks you to “update”.
So now, before you click REMIND ME LATER, think about the possible repercussions of what you might end up with if you do not update.
ALWAYS USE CERTIFIED AND QUALIFIED DEVICES
Before you move on to purchase your next smart device, it is best advised to check if that device has a certification label affixed with it. The devices these days need to be compliant with specific security and safety standards before they can be hooked up with your smart home. So always ensure your devices are up to the mark and never pick up a gadget just because it costs less but is not certified.
STEER CLEAR FROM PUBLIC Wi-Fi
The topic on its own is self-explanatory. If the public Wi-Fi is made available to the public, you never know if a hacker is sitting on the network waiting for you to connect to it. Once that happens, you have given them enough control by connecting to the same platform as they are, and now they are free to do whatever they deem fit with your device.
What if it’s an urgency and you want to check your CCTV feed remotely via your smart-phone? Then instead of risking your NVR / DVR ‘s credentials being leaked out via the public Wi-FI, you are better off taking the hit and use your own Data Connection (3G/LTE). Better be safe than sorry, I would say!
SECURE YOUR SMART GADGETS
No keeping common passwords such as “ABC123” or your favourite birthdays. These are the first guesses that any hacker who is targeting you would try on to gain entry into your device.
With these smart gadgets, comes NFC and RFID fobs. These fobs should always be kept safely and in reach. If by any chance you lose one, then instead of waiting for it to be found; it is best to disable that particular access card or fobs using the device it was configured on.
ALWAYS PREFER TRUSTED BRANDS OVER AFTER-MARKET BRANDS
Always do your own due diligence before you head to make your next smart gadget purchase. It is easy to get carried away by the marketing stunts being pulled off by those cheap products marketed across eBay and other websites of sort. It is always best to read reviews, watch videos on a particular product before you head on to make the purchase.
Data security is a serious concern. It is indeed severe for the consumer, but the brands are not always at the lookout for it. A prime example here is of the company RING. Earlier on this year, it was reported that RING’s Ukraine based employees had unfettered access to the camera feeds of the consumers using their product. This created a storm of negative reviews and products being tossed into the bin.
PASSWORDS SHOULD ALWAYS BE STRONG AND COMPLEX
This dates back since the time when the computer peripherals were launched into the market. Passwords are still a key that should always be unique and never match and resemble your favourite words. If you are desperate to keep your favourite word as your password, then MyFavoritePasswrd is still better than MyFavoritePassword, since the latter is missing the alphabet “o”. Makes sense?
The length of the password that you keep for your devices matters a lot when it comes down to safeguarding yourself from the hackers. For example sake, the password “C0mp@ny!” is bad and weighs out much less when compared to “Company-I-Love”. The first password has 8 characters, and the last one has 14. So it is definitely much difficult for the hackers to gain access to your device if your password has longer lengths with special characters embedded into it.
When it comes down to the broadband routers that you have been given by your ISP’s at home, it is best advised to use a more non-obscure name for it. Instead of setting its name to “Jim’s Home WiFi”, you are better off using “Marvel Comics – Not Found”. This is bound to put a smile on your neighbours face when they eventually find out the Wi-FI signal is being detected with such a name. This would also help you to stay away from hackers who might be trying to identify who you are and if they are in vicinity and come across this name, would never be able to find out it is you that they are after.
Stay safe!
