How to Protect Your Smart Home From Hackers - Kanebridge News
Share Button

How to Protect Your Smart Home From Hackers

Thermostats. Doorbells. Ovens. Everything is connected to the internet these days—and vulnerable to cyberattacks.

Mon, Mar 18, 2024 9:12amGrey Clock 6 min

The incidents have been unsettling: a homeowner’s thermostat raised to 90 degrees by hackers with no way to turn it down, baby monitors used by online stalkers to spy on families, webcams and other home devices hijacked to help take down corporate computer networks.

Thanks to the boom in “smart home” devices, we now live with vastly more connected gadgets: internet-linked TVs; camera-equipped doorbells; online thermostats, door locks and lightbulbs; web security cameras; and even refrigerators, dishwashers and ovens with Wi-Fi. Each online link provides a tempting target for a hacker.

The problem isn’t simply that somebody can hack a refrigerator or dishwasher, of course. It’s that once a bad actor breaches one of these devices, he or she potentially could control every other device on your home network. What’s more, these gadgets pose privacy concerns since their cameras, microphones and motion sensors could be used to monitor you.

As sales of smart-home devices continue to grow, consumers need to be cautious. Here are some questions and answers about how to thwart digital vandals.

How big a cybersecurity risk are smart-home devices?

Every new digital device introduced into your home comes with security risks. Most are connected to your Wi-Fi network and many come with an app that links them to your phone via Wi-Fi or your cellphone network. All of these are potential pathways for a hack—and the device with the weakest security could provide a way for hackers to reach the others.

In other words, you are only as safe as your weakest device.

“A lot of these devices don’t even have basic security features or protections,” says Wendy Frank , U.S. cyber internet-of-things leader for consulting firm Deloitte. Most lack virus protection and other security software that is common in personal computers and phones. Many don’t offer automatic updates of software or firmware (the coding that controls devices’ basic functions) from the manufacturer to fix security flaws, also standard with phones and PCs.

What kind of damage could hackers inflict?

Smart-home devices can be exploited to hack into the owners’ private information or attack a website.

In 2016, hackers controlling hundreds of thousands of internet-connected devices, believed to include webcams, smart TVs, printers and even baby monitors, unleashed  several massive attacks  that knocked out dozens of popular websites, including those of Twitter, Netflix , Amazon and Visa. Such “distributed denial-of-service” attacks instruct the devices to send millions of requests in unison to overwhelm a computer system, causing it to shut down.

Considering the enormous number of U.S. homes with smart devices—more than 60 million—and their low levels of security precautions, they are likely to continue to be tempting targets for all kinds of attacks, says Yuvraj Agarwal , an associate professor of computer science at Carnegie Mellon University. It’s “a disaster waiting to happen,” he says.

Among the potential risks experts cite: People could be locked out of their house by hackers who tapped the security system seeking a ransom. Burglars could listen in over smart speakers to figure out when you aren’t home. Smart lightbulbs could be used as a way to break into personal information on a phone.

What steps can we take to protect devices from hackers?

First, make sure your Wi-Fi router is secure—the router is the key to your digital home. Use the website or app that controls your router to check that it isn’t using the default password—that same password could have been given to many other customers. Give the router a unique password you use only for that device.

Next, ensure that the router’s security feature called a firewall is turned on, and that it is using encryption called WPA2 or the newer WPA3. And turn on the control to allow automatic software updates, if provided.

What about settings on the smart devices themselves?

As with routers, don’t use the default password they came with. Instead, use a different password for each device, so that if someone were able to figure out, say, the password for your smart doorbell, he or she wouldn’t have access to everything else.

And if a device allows two-factor authentication, be sure to use it. This means that to log in to the device you will need to type in a code sent by text or email, or generated by a device called an authenticator, in addition to the password. That extra step, while annoying, could keep out a hacker.

Is it risky to put smart devices on the same home Wi-Fi network you use for your computer and phone?

Yes. Someone could hack into one of your smart devices as a way to break into your Wi-Fi router, and from there could attack your computer, phone and everything else on the same network.

Instead, set up a guest network on your router that has its own unique password and use that network to connect your smart devices. Many routers include such a second network, but you may need to take a few steps to turn it on. Guest networks generally are sealed off from the main Wi-Fi network, so a hacker couldn’t leap from it to the main network.

When shopping for these devices, how do you know which are safer than others?

Check the makers’ security policies online before buying. Look for manufacturers’ statements that they periodically send security updates to the devices and encrypt the communications between the devices and their cloud service. Seek out products that offer two-factor authentication.

Are there certain types of smart devices to avoid?

Hundreds of types of internet-connected gadgets are sold online by innumerable companies, often at very low prices. “If it costs $5 for a smart plug, most of it is not going toward thinking about security and privacy first,” says Carnegie Mellon’s Agarwal, who does research on smart-device security.

Stick to devices from mainstream makers, since they are more likely to take security considerations seriously and spend the time and money to periodically update these features, he says. These companies don’t want to risk tarnishing their brands with products of questionable security.

What else can consumers do?

Limit how many smart devices you own—the more you have means more pathways for hackers to try to break in. Get fewer, more-secure devices rather than having insecure, cheaper devices in the whole home, says Deloitte’s Frank.

While you might find an Alexa or Google digital assistant useful on the kitchen counter, avoid putting one in a home office where you might talk about confidential financial or work-related topics that could be a juicy reward for a hacker, she adds.

Moreover, disable functions you don’t use or need on the devices, such as the camera on a digital assistant or the ability of the device to save recordings of your voice commands. “Having those turned on creates a larger attack surface” for a hacker, Frank says.

Do proprietary home networking systems provide more security than plain Wi-Fi?

While networks such as Google Home, Apple HomeKit and Amazon Alexa likely have enhanced security, in most cases they also use your home Wi-Fi to connect to their cloud services that run the networks. That raises the same security concerns as relying solely on Wi-Fi, Agarwal says.

Why don’t device makers build more security into their products?

A big factor is cost, says Deloitte’s Frank. Adding the level of security found in a laptop computer to a $15 internet-controlled lightbulb could make its price uncompetitive.

Moreover, she says, device makers want their products to appeal to ordinary consumers, so “they need to prioritize convenience, prioritize ease of use. Security often takes somewhat of a back seat.”

What is the smart-device industry doing to prevent hacks?

One effort is an industry standard called Matter from a consortium that includes Apple, Amazon, Google, Samsung and others, which works to make networked home products interoperate with each other. The Matter standard has security and privacy safeguards built in, says the group behind the standard. Products that meet the standard are being rolled out gradually and can carry its logo .

What is the government doing?

A project by the Biden administration aims to have makers of digital home devices label their products to indicate their security and privacy protections. Called the Cyber Trust Mark , it’s akin in some ways to the government’s Energy Star certification for the efficiency of home appliances.

The voluntary program, overseen by the Federal Communications Commission, is still under formation; the White House said last year it expected it to be in place in 2024. Under the proposal, device makers seeking to use the label would need to certify that their products meet certain standards by having them tested by an accredited lab. Agarwal says he has provided input to the government effort based on a Carnegie Mellon program to devise a similar label for smart products.


What a quarter-million dollars gets you in the western capital.

Alexandre de Betak and his wife are focusing on their most personal project yet.

Related Stories
The Party’s Over for Coachella’s Glitziest Rental Mansions
By NANCY KEATES 13/04/2024
Live in a WWII-Era U.S. Embassy in London for £21.5 Million
By LIZ LUCKING 11/04/2024
A Megamansion in Dubai’s Swanky Emirates Hills Community Sells for $40.2 Million
By LIZ LUCKING 09/04/2024

This year, demand for high-end festival event rentals is down amid a glut of inventory, a shifting party scene and what some are calling a lacklustre lineup

Sat, Apr 13, 2024 9 min

Kristina Morrison’s journey to a parallel universe started on a bus that navigated hot, dusty, desert roads, crossed through a gated community with drab cookie-cutter houses and stopped in front of an enormous, white Mediterranean-style mansion.

She walked through an archway dripping with silver beads that revealed a crystal clear blue swimming pool lined with palm trees, bright red flowers and large rocks. Beautiful people played putt-putt, danced to live DJs and drank lime-green margaritas on a vast green lawn decorated with stacks of pink and silver balls.

“Everything was so chic and elegant,” says Morrison, a model, actress and influencer, about the Clinique-hosted event that took place last April in Indio, Calif., during the first weekend of the Coachella Valley Music and Arts Festival.

The party was at an 8,900-square-foot custom-designed estate called Zenda, which rents for around $300,000 an event during the festival. Its owner, Miles Warner, who lives 140 miles away in Santa Monica, was initially going to buy a smaller place to rent out as an Airbnb when he wasn’t there golfing, but when he saw the prices Coachella events, which include parties and overnight guests, were commanding, he bought the nine-acre property in February 2022 for $5.8 million. He then invested around $700,000 to add bedrooms and convert a barn into a party space.

One Coachella weekend event can cover the estate’s expenses for a year, he says. “I’m just lucky it’s working. If it stopped working, it would get expensive quickly,” he says.

There has been a bloom of such rental mansions in Southern California’s Coachella Valley over the past few years. The annual festival, which will take place over the weekends of April 12-14 and April 19-21, brings roughly 120,000 people, most of them to an area that covers nine cities, including Palm Springs, Desert Hot Springs, Indio, Indian Wells, La Quinta, Coachella, Palm Desert, Rancho Mirage and Cathedral City, as well as unincorporated communities in Riverside County like Thermal and Bermuda Dunes.

But this year, rentals of these mansions are slowing down, causing some to reduce prices, according Kaylee Ricciardi, an LA-based luxury rental real-estate agent with AKG | Christie’s who represents a number of mansions. Current demand for all short-term rentals in the Coachella Valley is down 12% year over year for the first concert weekend, the most popular time span. Last year, 75% of demand for both weeks of the Coachella festival were already booked at this point, according to AirDNA.

This doesn’t bode well considering all that goes into these weekends. On the festival’s sidelines, companies hold invitation-only parties called “activations” to draw in influencers, some of whom are paid to attend. The goal is to create memorable moments, or “branded experiences” to ensure their products show up on TikTok and Instagram feeds. These swag-laden events take months to plan and involve elaborate sets and celebrity appearances. Mansions with amenities like lazy rivers, pickleball courts and infinity pools make for good backdrops.

As a result, the income brought in by all short-term rentals in the valley during the Coachella festival has grown significantly—up 30% in 2023 compared with 2019, according to an exclusive data analysis by short-term rental-analytics firm AirDNA. In the areas where many of these rental mansions are located, the growth over just the past year has been explosive: up 44% in Coachella and up 38% in Thermal.

The slowdown in bookings, some say, is due to a glut that is coming on the market, as more investors are buying, building and renovating massive properties to rent out. “There’s going to be empty houses this year,” says Zenda’s owner Warner. He says the “secret” (that there’s a lot of money to be made renting large estates for activations during Coachella) is out—and now it’s just a question of supply and demand. Zenda, where the Clinique party took place, finally rented out this year, months later than usual, and for a significantly lower rate since it’s just a group of festival goers and not for an event.

Some owners speculate that companies are cutting back because of the economy, but the production companies that are managing the activations say the festival is important. “It’s absolutely critical for brands,” says Zev Norotsky, whose L.A-based event planning company Enter is managing several parties this year.

Others attribute it to a lacklustre festival lineup, which features Lana Del Rey, the Creator, and Doja Cat. “It’s not Beyoncé,” (who headlined the festival in 2018) says Sean Breuner, the founder and CEO of a luxury-property management company AvantStay, which manages several of the large estates in the area, along with luxury homes across the country. Rumours continue to swirl that Taylor Swift will be there to support Del Rey, a good friend, and that she could even perform.

Breuner bought his own rental mansion, a 5,000-square-foot estate called Buena Vista on 38 acres, with partners for $5.25 million in 2021. He spent over a million dollars renovating it and adding amenities like a tennis court, a large pool and a lake with paddle boats and kayaks. As it did last year during Coachella, Buena Vista will again this year host an event for Kourtney Kardashian’s lifestyle brand Poosh—an adult sleep-away camp and party. The property rents for more than $150,000 for an event at this time, according to rental agents.

Tony Schubert, owner of Event Eleven, an LA-based event-production company, says prices for these rental mansions have become so high that he realised it would be more cost effective to just build his own compound. For the past two years his company rented an 8,500-square-foot Mediterranean-style mansion on 19 acres with a man-made lake, an infinity pool and a 4-acre polo field called Cavallo Ranch, which rents out for around $300,000, where he runs an event called Nylon House, hosted by Nylon Magazine.

A few months ago he bought a 20-acre date farm in Thermal, part of Riverside County close to the festival, with two dilapidated houses for $850,000. He plans to build a 4,000-square-foot house, a lazy river and six A-frame sleeping villas that should be ready for next year’s festival. “I was looking at estates for clients and couldn’t believe how much money they were getting,” he says.

The Madrid, which spans 10,000 square feet, has eight bedrooms, three guest casitas, a poolside bar, an airplane hangar, a tennis court and two pickleball courts, is part of a whole rental mansion gated subdivision, complete with a guard, in Bermuda Dunes, created by Rick Kay, who runs a San Clemente, Calif.-based ball-bearing manufacturing company. Kay initially bought a single 10,000-square-foot home for $1.6 million in a subdivision in 2006, but when he ran into an issue renting short term, he decided to buy up the other 10 lots and build individual 10,000-square-foot houses, at a cost of $5 million to $8 million each. “Everyone has vacation rentals but no one else has a vacation village,” says Kay.

These side events held during Coachella are crucial to the local economy, particularly in the more remote areas like Thermal, which doesn’t have many hotels and restaurants to reap the benefits from the festival, says Mark Tadros,. He rents out the packhouse, traditionally where the dates are packed, on the property of his date farm, Aziz Farms, for as high as $150,000 per event during Coachella.

Last year an event called Oasis in partnership with Liquid I.V. (an El Segundo, Calif.-based hydration drink company) took place at the packhouse, but this year, the packhouse isn’t rented. “We are taking a different approach,” says Kyle Nolan, the executive producer at Sturdy, a L.A.-based design studio and creative agency that runs the Oasis event and says he isn’t doing any events off the festival grounds this year.

“I certainly hope this isn’t the new normal. I just think it’s an off year,” says Tadros, who also sits on a community council in Riverside County that approves or denies permits for special events in parts of the unincorporated areas. He says the permitting process has become much stricter in recent years.

This year Indio “clarified” its definition of a “large event,” requiring a permit for any party with over 40 attendees held at an estate with overnight guests because some property owners weren’t compliant, says Indio marketing and public information officer Jessica Mediano. Indio also doesn’t allow properties within 1,000 feet of the festival grounds during a major music festival event (i.e. Coachella) to hold events.

One of the more renowned events, sponsored by online fashion retailer Revolve , is also cutting back this year, holding its party on just one day instead of two and opting for a Palm Springs hotel instead of a private mansion as in previous years. A Revolve spokesperson says it will “still host the same amount of guests, we have just simply changed the format to keep things fresh, exciting and elevated.”

Last year the Revolve affair was held at the Emerson Estate, an over 8,000-square-foot mansion on 20 acres in Indio that rents for $30,000 for weddings and goes up to the six figure range for events. Emerson Estate owner Diana Lazzarini says she put a lot of money into her property getting ready for the Revolve party, such as putting in gates and an area for VIP parking, in hopes that they would return. She says she had a few lowball offers, but her estate isn’t booked for the first weekend of Coachella this year because it wasn’t worth accepting the lower prices people were offering. “It’s a lot of liability, headache and risk,” she says.

The Madrid House, advertised by its owner Rick Kay as “the house that never sleeps,” is also changing course. Instead of big parties on Friday and Saturday nights, there will be private daytime events run by Enter around the pool featuring pickleball and fitness classes with partners like Paper Magazine, True Religion, Saint James Iced Tea and LaCroix. Kay says he thinks he could charge as much as $200,000 for big events, but he prefers the smaller sized parties, which pay around $40,000 for the Madrid, because they are less of a hassle. The lower price played a role in why he chose the Madrid, says Enter’s Norotsky.

Instead of building one big estate on multiple acres for big events, some investors are now building multiple individual ultraluxury homes where headliner musicians can stay and companies can host influencers at smaller parties that don’t require permits.

David Corso, whose Corso Marketing Group manages a Coachella event estate called Zenyara, just finished building his own rental mansion property he named Villa Rosa. Designed by the CEO of RH, Gary Friedman (a friend), the very modern, polished concrete and balsa wood house will host Coachella musicians and guests in a quieter, more intimate environment for $10,000 to $30,000 a night, depending on the season he says.

Claudio Bravo is taking a similar path. The luxury mansion rental company magnate just finished building a $50 million project with 16 short-term rental mansions. Each spans 6,500 square feet. They are right next to each other in a gated community on a 10-acre property in Indio, near the festival site, called Bravo Collection in Indio. This year 13 of the homes, which rent for around $100,000 apiece for a week during Coachella, will be rented by Guess Inc.

Jen and Chris Baldivid’s Folsom, Calif.-based Walker Land Company owns the Old Polo Estate, a former date farm on five acres they bought in 2017 for $925,000 and added a pool, pond, volleyball and pickleball courts and a two-hole golf course. They rent it out for $50,000-$400,000 for events that attract as many as 3,000 attendees during Coachella’s first weekend. Last year’s activation was sponsored by clothing company Darc Sport and included a 40-foot long tunnel with plastic skulls embedded into foam walls. It’s not rented for the first weekend of Coachella this year.

Starting this year, the Balvadids have a different sort of mansion that is almost fully booked until summer, including during Coachella, with smaller events, like dinners, and guests staying over. It’s well known in the architectural community because it was designed in 1959 by Midcentury Modernist Walter S. White. The structure of the house, including the metal parabolic roof that floats over the angular white structure, is untouched, but they knocked down a wall to make it more open, added three sleeping casitas, put in a pool that mimics the shape of the house and turned a carport into an outdoor entertainment area.

While demand for short-term rentals has slowed for the first weekend of the Coachella festival, it is higher this year for what’s called Stagecoach—the country music festival held the weekend after the two Coachella festival weekends, this year April 26-28. Demand is up 39% year-over-year, according to AirDNA. That is giving mansion owners hope that there will be expanding opportunities for event rentals beyond Coachella.

There are still more event mansions on the horizon. Drew MacLurg owns the Stallion Estate, a 7,000 square foot home on 5 acres he bought for $4 million in March 2022. He charges around $200,000 for an event for the first weekend of Coachella, but he didn’t get any interest for that this year so he is renting it to a private group for three nights for around $18,000, he says.

MacLurg put in about $1.6 million adding a 60-foot long pool with a waterslide, a decked-out game barn, a pickleball court and a nine-hole mini golf course. He is currently building a 7,000-square-foot house nearby that will have a lazy river and a bowling alley for event use.

Another is the Pond Estate, a 12,700-square-foot Hacienda-style mansion with indoor and outdoor swimming pools and two guesthouses (4,000 square feet and 2,000 square feet) on over 12 acres in South Palm Springs. Tom Ryan, the president and CEO of streaming at Paramount, bought the property, near a house he owned, for $8.38 million in June 2021 after stumbling on it with his wife. He says he was blown away by the beauty and history and is putting in a couple million dollars renovating and redecorating it, including creating a game room and entertaining spaces out of former garages, each 3,000 square feet. He plans to rent it out for weddings, private parties and during Coachella for events.

Ryan says he didn’t buy it as an investment to make as much profit as possible—he sees the event business more as helping offset costs for a property his family will own for generations. “It felt like a once in a lifetime opportunity,” says Ryan.