Time to secure smart devices appearing at home

October 12th, 2016 | by Alfred Siew
Time to secure smart devices appearing at home
A good old kettle can't be hacked, but a connected one could offer a loophole to a Wi-Fi network. PHOTO: Vélocia (Creative Commons)

A good old kettle can’t be hacked, but a connected one could offer a loophole to a Wi-Fi network. PHOTO: Vélocia (Creative Commons)

I remember a time when Wi-Fi was not secure like today. In the early 2000s, you could drive around with a home-made antenna made out of a Pringles tin and sniff around other people’s wireless networks.

The encryption then was weak. Worse, people broadcast their data in the open, as the wireless signals spilled out of homes and offices.

It took several years for the industry and users to wise up to the risks involved with going untethered. Today, the same is happening with smart sensors that are entering homes at a rate faster than many may care.

There’s apparently a connected kettle, called an iKettle, that lets you boil water by sending a command via your smartphone. Also available is a “smart” wine bottle that links up via Wi-Fi and shows off a digital label.

Why anyone would use them is another question, but such devices can be easily broken into if you don’t secure them.

How easily? Security firm Sophos put out a rough guide last year, to show how a determined hacker can use a “smart” device to gain access to a home Wi-Fi network. Yes, via a connected kettle.

Okay, you can dismiss that as something over the top. Who would want to hack into your home? What can they steal? Why would they do it?

Holding you to ransom is one reason. If someone can lock you out of your network or devices, you’d end up having to pay up to get back your digital lives.

It’s okay if you lost some photos, but what about your tax returns or access to services from your Spotify to Adobe cloud account to do your work?

As more devices get hooked up at home, whether this is an Amazon assistant, a smart TV or even a talking Barbie doll, the threat is real.

Short of shutting everything down, what can you do? There are some guides online, but the advice usually goes along the lines of what you’ve heard before. Update your devices often, give access only to a limited number of devices and change your passwords often.

Would that be enough? Frankly, nothing is foolproof in the digital world any more.

As cyber attacks are mounted each day with increased sophistication, you can only reduce your risks. Then brace yourself for the possibility that your data could be wiped out or stolen, despite following the best practices.

Okay, that sounded overly pessimistic. On the upside, the technology industry has found ways around some of the most pressing problems, even in the cyber security space.

Windows is a lot less susceptible to malware now compared to a few years ago, because Microsoft was forced to make sure security was a critical problem it had to fix. It poured resources into making its software less vulnerable, reducing the risks for users.

The same can be said of Wi-Fi. After concerns were raised about the technology’s inherent flaws, the industry went back and came up with more robust encryption and went on to educate users. Yes, you have to change your password and home router makers today make it easy to do so out of the box.

All this takes time. As usual, technologies like the new Internet of Things are moving faster than the security needed to protect users can keep up.

The good news is that security is part of the design for much of today’s new devices and software. They are built to be updated so they can keep out future attacks.

The fear lies in old devices – first-gen connected gadgets that cannot be updated and will continue to be loopholes that hackers can exploit for years to come.

Unlike a smart phone or even a Wi-Fi router, you don’t discard a connected light bulb or kettle so quickly. If they cannot be patched up with software, they open themselves to attack all the time.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.