Smart home products are supposed to help keep you safe, but some of these connected devices could put you in danger.
As home automation products flood the market, there’s growing concern that these internet connected devices — like smart cameras and thermostats — are an easy target for hackers because they lack basic security measures.
“Really, the state of security on these things right now is pretty atrocious,” Colby Moore, a security research engineer at the cybersecurity firm Synack, told Business Insider.
Earlier this year, Synack tested 16 home automation devices and found only one that its researchers couldn’t easily break into.
This is a problem because if a cyber criminal can break into your home devices they can start to understand your behaviours and patterns — like when you are home and when you are not — putting your safety and privacy at risk, said Joe Loomis, CEO and founder of CyberSponse.
“It’s almost like casing a bank. When somebody knows your behaviours and where you are going to be it’s easier to take advantage of their vulnerabilities,” Loomis told Business Insider. “The other problem is on the privacy side. If somebody wants to take your video or your pictures and exploit it in some way or another, that’s another bad issue.”
Why hacking the home could become a big problem
While we are still in the early days of the smart home automation, these products, which are part of the so-called Internet of Things (IoT), could become a big problem because so many of the devices simply lack basic security measures.
Part of the issue stems from the fact that some of the companies making these products just don’t have strong backgrounds in security.
“A lot of these device manufacturers are just not security people and they really just don’t have security people on staff, especially when it comes to IoT start-ups,” Moore said. “What they are doing is phenomenal with all of these new uses for technology. But security isn’t a concern for everybody. It’s ship now and patch later mentality.”
Also, there are no industry standards for security on these types of devices, so some manufacturers just opt to do as little as possible, Moore said.
Apple has run into this problem recently with manufacturers looking to get onto the HomeKit Platform, which is the technology used to control smart home products with an Apple iPhone or iPad.
Apple is requiring manufacturers who want their devices to be compatible with HomeKit to include special chips and firmware, but manufacturers are reluctant because the changes take more time and money, according to a report from the Register published earlier this week.
“There’s no industry standard and there’s is no way to tell if a product is secure or not if you are the average Joe. That is a big problem and it’s a problem that the industry needs to address and is thinking about,” Moore said.
How to keep your smart home secure
While you can’t just install some sort of anti-virus software on your automated home devices, there are a few steps you can take to decrease the odds of being hacked.
First, only buy products that are made by companies you trust.
“The best thing you can do is buy devices that are well established in the marketplace and buy devices that are backed by a real company who takes security seriously,” Moore said.
Second, treat your smart home products like any other computer in your home and make sure you are updating the software as updates are released and changing your password regularly.
And the most effective way to avoid getting your home hacked is to simply avoid buying smart home products until there is a better security standard put in place.
“If you are worried about it then don’t put yourself at risk,” Moore said. “It’s kind of up to us to demand a higher security standard and hold the manufacturers to it.”