How to Protect Your Smart Home From Hackers - Kanebridge News
Share Button

How to Protect Your Smart Home From Hackers

Thermostats. Doorbells. Ovens. Everything is connected to the internet these days—and vulnerable to cyberattacks.

By BART ZIEGLER
Mon, Mar 18, 2024 9:12amGrey Clock 6 min

The incidents have been unsettling: a homeowner’s thermostat raised to 90 degrees by hackers with no way to turn it down, baby monitors used by online stalkers to spy on families, webcams and other home devices hijacked to help take down corporate computer networks.

Thanks to the boom in “smart home” devices, we now live with vastly more connected gadgets: internet-linked TVs; camera-equipped doorbells; online thermostats, door locks and lightbulbs; web security cameras; and even refrigerators, dishwashers and ovens with Wi-Fi. Each online link provides a tempting target for a hacker.

The problem isn’t simply that somebody can hack a refrigerator or dishwasher, of course. It’s that once a bad actor breaches one of these devices, he or she potentially could control every other device on your home network. What’s more, these gadgets pose privacy concerns since their cameras, microphones and motion sensors could be used to monitor you.

As sales of smart-home devices continue to grow, consumers need to be cautious. Here are some questions and answers about how to thwart digital vandals.

How big a cybersecurity risk are smart-home devices?

Every new digital device introduced into your home comes with security risks. Most are connected to your Wi-Fi network and many come with an app that links them to your phone via Wi-Fi or your cellphone network. All of these are potential pathways for a hack—and the device with the weakest security could provide a way for hackers to reach the others.

In other words, you are only as safe as your weakest device.

“A lot of these devices don’t even have basic security features or protections,” says Wendy Frank , U.S. cyber internet-of-things leader for consulting firm Deloitte. Most lack virus protection and other security software that is common in personal computers and phones. Many don’t offer automatic updates of software or firmware (the coding that controls devices’ basic functions) from the manufacturer to fix security flaws, also standard with phones and PCs.

What kind of damage could hackers inflict?

Smart-home devices can be exploited to hack into the owners’ private information or attack a website.

In 2016, hackers controlling hundreds of thousands of internet-connected devices, believed to include webcams, smart TVs, printers and even baby monitors, unleashed  several massive attacks  that knocked out dozens of popular websites, including those of Twitter, Netflix , Amazon and Visa. Such “distributed denial-of-service” attacks instruct the devices to send millions of requests in unison to overwhelm a computer system, causing it to shut down.

Considering the enormous number of U.S. homes with smart devices—more than 60 million—and their low levels of security precautions, they are likely to continue to be tempting targets for all kinds of attacks, says Yuvraj Agarwal , an associate professor of computer science at Carnegie Mellon University. It’s “a disaster waiting to happen,” he says.

Among the potential risks experts cite: People could be locked out of their house by hackers who tapped the security system seeking a ransom. Burglars could listen in over smart speakers to figure out when you aren’t home. Smart lightbulbs could be used as a way to break into personal information on a phone.

What steps can we take to protect devices from hackers?

First, make sure your Wi-Fi router is secure—the router is the key to your digital home. Use the website or app that controls your router to check that it isn’t using the default password—that same password could have been given to many other customers. Give the router a unique password you use only for that device.

Next, ensure that the router’s security feature called a firewall is turned on, and that it is using encryption called WPA2 or the newer WPA3. And turn on the control to allow automatic software updates, if provided.

What about settings on the smart devices themselves?

As with routers, don’t use the default password they came with. Instead, use a different password for each device, so that if someone were able to figure out, say, the password for your smart doorbell, he or she wouldn’t have access to everything else.

And if a device allows two-factor authentication, be sure to use it. This means that to log in to the device you will need to type in a code sent by text or email, or generated by a device called an authenticator, in addition to the password. That extra step, while annoying, could keep out a hacker.

Is it risky to put smart devices on the same home Wi-Fi network you use for your computer and phone?

Yes. Someone could hack into one of your smart devices as a way to break into your Wi-Fi router, and from there could attack your computer, phone and everything else on the same network.

Instead, set up a guest network on your router that has its own unique password and use that network to connect your smart devices. Many routers include such a second network, but you may need to take a few steps to turn it on. Guest networks generally are sealed off from the main Wi-Fi network, so a hacker couldn’t leap from it to the main network.

When shopping for these devices, how do you know which are safer than others?

Check the makers’ security policies online before buying. Look for manufacturers’ statements that they periodically send security updates to the devices and encrypt the communications between the devices and their cloud service. Seek out products that offer two-factor authentication.

Are there certain types of smart devices to avoid?

Hundreds of types of internet-connected gadgets are sold online by innumerable companies, often at very low prices. “If it costs $5 for a smart plug, most of it is not going toward thinking about security and privacy first,” says Carnegie Mellon’s Agarwal, who does research on smart-device security.

Stick to devices from mainstream makers, since they are more likely to take security considerations seriously and spend the time and money to periodically update these features, he says. These companies don’t want to risk tarnishing their brands with products of questionable security.

What else can consumers do?

Limit how many smart devices you own—the more you have means more pathways for hackers to try to break in. Get fewer, more-secure devices rather than having insecure, cheaper devices in the whole home, says Deloitte’s Frank.

While you might find an Alexa or Google digital assistant useful on the kitchen counter, avoid putting one in a home office where you might talk about confidential financial or work-related topics that could be a juicy reward for a hacker, she adds.

Moreover, disable functions you don’t use or need on the devices, such as the camera on a digital assistant or the ability of the device to save recordings of your voice commands. “Having those turned on creates a larger attack surface” for a hacker, Frank says.

Do proprietary home networking systems provide more security than plain Wi-Fi?

While networks such as Google Home, Apple HomeKit and Amazon Alexa likely have enhanced security, in most cases they also use your home Wi-Fi to connect to their cloud services that run the networks. That raises the same security concerns as relying solely on Wi-Fi, Agarwal says.

Why don’t device makers build more security into their products?

A big factor is cost, says Deloitte’s Frank. Adding the level of security found in a laptop computer to a $15 internet-controlled lightbulb could make its price uncompetitive.

Moreover, she says, device makers want their products to appeal to ordinary consumers, so “they need to prioritize convenience, prioritize ease of use. Security often takes somewhat of a back seat.”

What is the smart-device industry doing to prevent hacks?

One effort is an industry standard called Matter from a consortium that includes Apple, Amazon, Google, Samsung and others, which works to make networked home products interoperate with each other. The Matter standard has security and privacy safeguards built in, says the group behind the standard. Products that meet the standard are being rolled out gradually and can carry its logo .

What is the government doing?

A project by the Biden administration aims to have makers of digital home devices label their products to indicate their security and privacy protections. Called the Cyber Trust Mark , it’s akin in some ways to the government’s Energy Star certification for the efficiency of home appliances.

The voluntary program, overseen by the Federal Communications Commission, is still under formation; the White House said last year it expected it to be in place in 2024. Under the proposal, device makers seeking to use the label would need to certify that their products meet certain standards by having them tested by an accredited lab. Agarwal says he has provided input to the government effort based on a Carnegie Mellon program to devise a similar label for smart products.



MOST POPULAR

What a quarter-million dollars gets you in the western capital.

Alexandre de Betak and his wife are focusing on their most personal project yet.

Related Stories
Property
Buy the House First, Get Married Later: Couples’ New Math
By DALVIN BROWN 25/11/2024
Property
The Secret to Selling a $100 Million Mansion
By KATHERINE CLARKE 20/11/2024
Property
Live Next to Venus Williams in South Florida for $30 Million
By CASEY FARMER 16/11/2024

Unmarried home buyers say they are giving priority to a financial foundation over a legal one

By DALVIN BROWN
Mon, Nov 25, 2024 4 min

The big wedding can wait. Couples are deciding they would rather take the plunge into homeownership.

In reshuffling the traditional order of adult milestones, some couples may decide not to marry at all, while others say they are willing to delay a wedding. Buying a home is as much, if not more of a commitment, they reason. It helps them build financial stability when the housing market is historically unaffordable.

In 2023, about 555,000 unmarried couples said that they had bought their home in the previous year, according to a Wall Street Journal analysis of Census Bureau data. That is up 46% from 10 years earlier, when just under 381,000 couples did the same.

Unmarried couples amounted to more than 11% of all U.S. home sales. The percentage has climbed steadily over the past two decades—a period in which marriage rates have fallen. These couples make up triple the share of the housing market that they did in the mid-1980s, according to the National Association of Realtors.

To make it work, couples must look past the significant risk that the relationship could blow up, or something could happen to one partner. Without a marriage certificate, living situations and finances are more likely to fall into limbo, attorneys say.

Mark White, 59 years old, and Sheila Davidson, 62, bought a lakeside townhouse together in Newport News, Va., in 2021. But only her name is on the deed. He sometimes worries about what would happen to the house if something happened to her. They have told their children that he should inherit the property, but don’t have formal documentation.

“We need to get him on the deed at some point,” Davidson said.

White and Davidson both had previous marriages, and decided they don’t want to do it again. They also believe tying the knot would affect their retirement benefits and tax brackets.

Financial foundation

Couples that forgo or postpone marriage say they are giving priority to a financial foundation over a legal one. The median homeowner had nearly $400,000 in wealth in 2022, compared with roughly $10,000 for renters, according to the Federal Reserve’s Survey of Consumer Finances.

Even couples that get married first are often focused on the house. Many engaged couples ask for down-payment help in lieu of traditional wedding gifts.

“A mortgage feels like a more concrete step toward their future together than a wedding,” said Emily Luk, co-founder of Plenty, a financial website for couples.

Elise Dixon and Nick Blue, both 29, watched last year as the Fed lifted rates, ostensibly pushing up the monthly costs on a mortgage. The couple, together for four years, decided to use $80,000 of their combined savings, including an unexpected inheritance she received from her grandfather, to buy a split-level condo in Washington, D.C.

“Buying a house is actually a bigger commitment than an engagement,” Dixon said.

They did that, too, getting engaged eight months after their April 2023 closing date. They are planning a small ceremony on the Maryland waterfront next year with around 75 guests, which they expect to cost less than they spent on the home’s down payment and closing costs.

The ages at which people buy homes and enter marriages have both been trending upward. The median age of first marriage for men is 30.2, and for women, 28.6, according to the Census Bureau. That is up from 29.3 and 27.0 a decade earlier. The National Association of Realtors reported this year that the median age of first-time buyers was 38, up from 31 in 2014.

Legal protections

Family lawyers—and parents—sometimes suggest protections in case the unmarried couple breaks up. A prenup-like cohabitation agreement spells out who keeps the house, and how to divide the financial obligations. Without the divorce process, a split can be even messier, legal advisers say.

Family law attorneys say more unmarried people are calling for legal advice, but often balk at planning for a potential split, along with the cost of drawing up such agreements, which can range from $1,000 to $3,000, according to attorney-matching service Legal Match.

Dixon, the Washington condo buyer, said she brushed off her mother’s suggestion that she draft an agreement with Blue detailing how much she invested, figuring that their mutual trust and equal contributions made it unnecessary. (They are planning to get a prenup when they wed, she said.)

There are a lot of questions couples don’t often think about, such as whether one owner has the option to buy the other out, and how quickly they need to identify a real-estate agent if they decide to sell, said Ryan Malet, a real-estate lawyer in the D.C. region.

The legal risks often don’t deter young home buyers.

Peyton Kolb, 26, and her fiancé figured that a 150-person wedding would cost $200,000 or more. Instead, they bought a three-bedroom near Tampa with a down payment of less than $50,000.

“We could spend it all on one day, or we could invest in something that would build equity and give us space to grow,” said Kolb, who works in new-home sales.

Owning a place where guests could sleep in an extra bedroom, instead of on the couch in their old rental, “really solidified us starting our lives together,” Kolb said. Their wedding is set for next May.

Homes and weddings have both gotten more expensive, but there are signs that home prices are rising faster. From 2019 to 2023, the median sales price for existing single-family homes rose by 44%, according to the National Association of Realtors. The average cost of a wedding increased 25% over that time, according to annual survey data from The Knot.

Rent versus buy

Roughly three quarters of couples move in together before marriage, and may already be considering the trade-offs between buying and renting. The cost of both has risen sharply over the past few years, but rent rises regularly while buying with a fixed-rate mortgage caps at least some of the costs.

An $800 rent hike prompted Sonali Prabhu and Ryan Willis, both 27, to look at buying. They were already paying $3,200 in monthly rent on their two-bedroom Austin, Texas, apartment, and felt they had outgrown it while working from home.

In October, they closed on a $425,000 three-bed, three-bath house. Their mortgage payment is $200 more than their rent would have been, but they have more space. They split the down payment and she paid about $50,000 for some renovations.

Her dad’s one request was that the house face east for good fortune, she said. Both parents are eagerly awaiting an engagement.

“We’re very solid right now,” said Prabhu, who plans to get married in 2026. “The marriage will come when it comes.”