But both vendors and consumers need to take responsibility for staying safe, Kaspersky head says
Making your home a more connected and smarter place may actually be opening you up to a wide range of security risks.
A study by Kaspersky Lab has found that a large number of ‘smart home’ devices currently on the market can be compromised by hackers, often allowing them complete and total access to appliances such as security systems, entertainment services and even smartphones.
However the issue is not only down to a shortcomings from vendors, but also a lack of consumer awareness of proper security protection and protocols, the company says.
“Every single device I had in my home…was vulnerable – and not just to something small,” David Jacoby, one of Kaspersky Lab’s security evangelists, told TechWeekEurope.
His research found that a wide range of connected devices, from smart televisions to Blu-Ray players, and even printers, could be accessed, allowing hackers to gain full administrative access to the device, read the contents, modify the contents, and even backdoor the device.
“I was surprised it was so easy…it only took me 20 minutes to compromise the first device,” he said, noting that the attacks could even be carried out remotely to target a person’s smartphone or tablet, which could then infect the rest of the connected devices.
Such attacks “absolutely” signify the next-generation of security threats, Jacoby (pictured left) believes, as hackers are able to assault individuals by targeting their homes, and such risks will only continue to grow in the coming years as more of our lives get connected.
“Right now, we don’t really have that many critical IoT devices,” he says, “but just wait ten years, fifteen years – what if somehow everything is connected to the Internet?”
Consumers need to be taught how to prepare and set up their new devices properly, Jacoby believes, using network segmentation to ensure multiple units aren’t sharing the same IP address, theoretically making them harder to attack.
“We need to educate normal consumers, so they know that if they bring a new device in their home, that they have to configure the network properly for that device,” he says.
“We’re buying stuff that we have no control over, we’re putting it in our homes, and no-one takes responsibility for it.”
“Consumers often don’t have the technical knowledge, but we have to start somewhere…someone has to start taking responsibility – you can’t just go around buying stuff without knowing what you’re buying.”
And consumers are hardly getting much help from vendors, he believes, describing the current market situation as “just a mess to handle from a vendor point of view”.
“People are getting more aware of what they have to do,” he says, “but the problem is that, especially for consumer products, the support lifecycle is only about six months – so if you buy a smart TV or whatever, even if it’s brand new, when you take it home and plug it into your network, it might already be an outdated version.”
Ultimately, however, the solution will be a team effort, Jacoby believes, as all sides need to collaborate to ensure smart, connected homes become a reality.
“There’s not one solution,” he says. “You have to put pressure on the vendors, you have to educate consumers, you have to do a lot of things that no-one is really talking about at the moment”.
Soon, smart homes may become so widespread that people moving into a new house may already find themselves connected to a smart grid or with existing smart appliances that they have no idea how to monitor and secure, leaving them at risk of catastrophic attack.
“Our homes are starting to look like a small business – so we have to start acting accordingly,” Jacoby says, noting that adoption of smart homes is “happening very very fast…we’re very close.”
So next time you bring home a new clever appliance or smart tool – make sure it is set up properly, or you may end up feeling not very smart at all.
What do you know about the Internet of Things? Take our quiz!