Were you one of the millions of Americans who hit the stores or the Internet on Black Friday and Cyber Monday to do your holiday shopping? Did you stock up on all the great deals on home automation products like the Amazon Echo, Google Home, or one of the hundreds of smart devices with which they can communicate? Congratulations, even The Jetsons would envy your home and your ability to turn on your lights, start the coffee, and hear the morning news using only the power of your voice. However, did you know, convenience comes at the expense of security?
Smart home products is a multi-billion-dollar industry, which is expected to see continual growth in the coming years as they become more accessible and increasingly communicative. However, since it is a relatively new industry, there have been some growing pains, specifically around security vulnerabilities. In just the last few years, there have been some serious smart home and Internet of Things (IoT) hacks.
In November 2014, thousands of unsecured, Internet-connected cameras in 256 countries were hacked using the devices’ default usernames and passwords and broadcast on the internet. Although the website claimed its motive was to draw attention to the risks of leaving security cameras unsecured, it was still an invasion of privacy in its truest sense.
In a much different scenario, hackers recently gained entry into an American casino’s entire network, and sent company data back to a device in Finland. Casinos are typically very secure; so how did hackers manage this feat? Through an Internet-connected fish tank.
Obviously, not every home has (or needs) an Internet-connected fish tank, but more than likely you have a device that’s Bluetooth-enabled. This technological wonder is found everywhere today. It’s in your car, phone, laptop, portable speakers, and table-top voice-activated personal assistants just to name a few. Even some light switches have the functionality. Recently, the IoT cyber security firm Armis announced that many of these devices (over 5 billion and counting) are susceptible to malicious attacks through the BlueBorne vulnerability, a set of known vulnerabilities in Bluetooth technology. Although several of these vulnerabilities have been patched, several remain open. Leveraging this vulnerability, an attacker can spread malware quickly and efficiently; they just need to infect one Bluetooth-enabled device to spread the malware unknowingly to any nearby Bluetooth-enabled devices, and it could spread like the flu. So, ask yourself, “do I need my Bluetooth on all the time, everywhere I go? Is it worth the risk?”
We cannot make the decision for you on what’s more important in your life – convenience or security. Smart home devices are incredibly convenient. Having the power to manipulate your home using only your voice or smart phone is extremely practical, but it’s also a novelty. Our goal is to arm you with the understanding of the benefits and risks that come with IoT devices to help you make an informed decision regarding these devices.