The “smart home” concept is one artifact of science fiction that, until recent years, teetered on the brink of mainstream acceptance. Now, just a shout away from becoming the norm, these systems have come under greater scrutiny. Concerns surrounding their ability to keep personal data as well as camera networks secure has many worried they leak more information than they supposedly protect.
The ability to control lights, appliances and security systems remotely holds endless appeal.
New Opportunities For You, And The Bad Guys
Having your home on “speed dial” and controlling it’s inner and outer workings from a mobile device seems like the utmost in 21st century luxury. But ruling over your domain with an ironclad digital shield might not protect it as well as you’d hoped.
Recent studies are proving that for now, smart house integration should still be approached with caution. Kashmir Hill, in a recent Forbes investigation, proved just how easy it is to gain illegal access to people’s home security systems. Disclosing obvious vulnerabilities in their programming, such as no longer supporting outdated systems privacy controls, it’s clear there’s cause for concern.
Able to find “smart house” controllers through simple web searches, hackers are presented with easy ways to not only spy on families, but cross physical barriers and break into their homes and garages. While some are content wrecking havoc with lights or appliances, others have used their skills to obtain access to baby monitors or web cams. All of this can be done with even the most basic understanding of technology. Putting a more experienced cybercriminal to the task of breaking into one of these systems almost seems like a waste of their talent.
These systems vary; some are controlled by cloud computing systems, others by home Windows or Linux servers, others still by Android. Risks exist across the board. The dangers of a hack into a “smart house” system range from annoying (in the case of lights and appliances) to utterly creepy (interior surveillance cameras, nanny cams or webcams) to, in worst case scenarios, a dangerous and expensive break-in.
Physical safety concerns should be a top priority. However, other valuable personal data can also be obtained from a security breach. By gaining access to a home system, hackers can find credit card and other financial information, web browsing habits, and hosts of other private material.
How Do I Secure my High Tech Home?
Of course, homeowners want the convenience of home automation without the risk of privacy infringements. If you are considering investing in a system designed to protect you from outside intruders, it makes sense to protect yourself from cyber criminals operating on the other end. Here are a few ways to better secure your system:
Ensure your devices are compatible and can be run from a central hub.
Protect your cell phone – often the command center for the security system, many are used without even minimal security measures, like a protected lock screen or an app to locate the device if it goes missing.
Look into devices which offer AES 128-bit encryption or higher, or make sure to inquire as to the standard your system uses to secure the alarm system’s communications.
Do not use usernames or passwords you have for other devices, change your passwords often, and do not leave ports open or use port forwarding.
Use VPN systems whenever possible.
Pay closest attention to devices that have the greatest security holes, like baby monitors or “nanny cams.”
New legislation spearheaded by President Obama also hopes to provide homeowners with better tools to safeguard themselves against potential hackers. The Personal Data Notification and Protection Act will place restrictions on companies’ ability to collect customer data and sell it to third parties. These directives propose new algorithms and hardware specifications which will, if nothing else, slow down the progress of attempted hacks. But due to the “rogue” nature of security system hacking, it’s unlikely that this law will do much to stop the imminent threat of cyber criminals.
For the moment, concerned citizens should assume all authority when it comes to protecting their personal information and physical safety. Private companies, the government and other entities cannot be trusted with that responsibility.