How to Prevent your Smart Home from being Hacked – An Expert Opinion.

In this article, our CTO describes how to prevent your smart home from being hacked. We are going to be going over how to create a personal cyber strategy. Let’s get started.

When you engage in business with ethical hackers, it can offer the insight required to understand what must be done for securing IoT devices. We all want convenience, but the market must be brought to heel from the demand of consumers who are seeking mitigation from both the carelessness of IoT manufacturers (and their vendors), as well as the cyber criminals themselves who seek to wreak havoc. That does not mean that a synergistic relationship cannot be established with the IoT manufacturers, vendors, etc. But we also need not negotiate with criminals under any circumstance either. When you take matters into your own hands, the empowerment is compounding and also has a ripple effect unto others.

A Real World Example

Prevent Your Smart Home from being hacked - A Real World Example

With your trust we can help prevent a disaster scenario from affecting you and accomplish much needed ground in the era of smart homes and connected devices.

A Canadian news team hired a team of ethical hackers to test smart devices. They found some interesting things. “Vulnerabilities revealed in smart home devices prompt one manufacturer to immediately beef up protections”

They also found that there are live streams of smart cameras which have been hacked, with people not even noticing that they are live in front of an unknown audience. Things like this are easily preventable.

Developing Your Cyber Security Strategy

Developing Your Cyber Security Stategy

There are two things necessary for a successful cyber security strategy:

  1. Recognize phishing emails, messages, and avoid them at all cost
  2. Understand how to prevent the risks of a cyber attack

Preventing Phishing

Don’t click on strange links. If you get phishing or spam, block and delete it immediately, and be careful because it is down to the wire. Whether it is email, text message, or robocalls, they all just want your money and/or your data. They’ll do anything for both. Personal information is purchased by common criminals on the dark web to target people, especially if they have digital assets of any kind. I’ve seen a number of cases come up in my local jurisdiction recently. Most of it is raw identity theft and various types of online fraud.

Most cyber security breaches are carried out through phishing (over 90%), usually through email. This exposes you to social engineering, which is meant to trick you into making a mistake. Their intent is to fool you into becoming a victim of their targeting. Luckily you can easily avoid all phishing attacks by knowing how to spot them.

Being able to identify a phishing email is literally the easiest way to avoid a large portion of cyber attacks. But let’s say you accidentally clicked a bad link, as it is bound to happen. This is why having proper security measures in place (i.e. updated software and firmware). It may very well be the case that this can ward off any of the cyber criminal attempts to breach your network further.

Sometimes it is difficult to avoid a click or tap on those malicious links, and this is understandable. You must choose caution in dealing with those things. They may be able to perform recon and attempt to weaponize any vulnerabilities in your devices immediately. The cyber attack technology is extremely sophisticated. They just need you to make a mistake.

Testing for Vulnerabilities

Testing your devices with security tools is the only way to reveal those weak points is the only way for you to be sure and allows you to prepare as best as you can. Simius allows you to automate your smart home security testing while offering the flexibility for you to scan for threats on demand. It’s the only way to be sure of your smart device security.

On the other hand, we can expect the unexpected from internet criminals. They are improving their methods. Case in point, DeepFakes machine learning and artificial intelligence was used to impersonate the CEO’s voice. The company was tricked into wiring over $200,000 to online crooks. 

It’s worth mentioning that wardriving can also occur, whereby the cyber attacker actually drives a vehicle on a street where your home is physically located. They then scan your network remotely without trespassing on your property. This is less common than phishing, but there is still a chance that it can happen.

Again, you can run security scans on your smart home network using Simius and correct any points of exposure before any criminals can take advantage. Furthermore it is important to note that not all wardriving is malicious. Some organizations host their wardriving data for public consumption so that it can add to the open-source intelligence shared for the benefit of businesses and consumers alike.

Be Vigilant on Social Media

Staying safe online is similar to anything in real life. Never trust a stranger, and the same is true for a random link appearing in your notifications or email. Again, block and delete, filter, etc. If you are wondering why you might be targeted with such an elaborate phishing campaign, then look no further than the fact that your phone number may have been leaked due to the recent Facebook breach: 533 million Facebook users’ phone numbers and personal data have been leaked online

Facebook is not alone, so make sure you keep passwords cycled and changed at least once every six months. To manage it with convenience, you can use a password manager app such as KeePass and it is best to avoid using the ones that are built into web browsers. Two-factor authentication is also highly recommended, especially for anything related to financials but also on your network security passwords. It is easy to use and is essentially your own security code system. Basically, you enter in a password along with a randomly generated number to accompany the login credentials, and most logins support the method.

This adds an extra set of layers which intensifies the difficulty in breaching your data. And if your data cannot be stolen then it is easier to prevent your smart home from being hacked.

Recovery Strategies

Recovery Strategies

Data leaks are common from large scale cyber disasters and security breaches, and we must all learn how to recover.

As IoT consumers, we are heading through uncharted waters. To avoid the storm, one must become the storm. Simius can help you to navigate as such, and with considerable ease. Again, if this were easy then everyone would be doing it. You may even wonder how we arrived in this situation however.

The unintended consequences of increasing the connectivity of smart devices causes the rising numbers in cyber threats and online vulnerabilities. This is similar to pollution released by factories during the industrial revolution which continues to plague us till this day. Same difference with cyber attacks, but there are things we can do to filter out those negative digital pollutants from poisoning the safety and security of our smart homes.

In the event of your smart home being breached, it’s important to remain calm, collected, and vigilant. Never underestimate your ability to overcome a bad situation. Concentrate all your focus on fixing the problem in any way you can, while accepting things you cannot change which are out of your control. Then you can realize more quickly the actions required to repair and amend the problem. 

Disaster Recovery

Disaster recovery is about making sense of the situation, even after you are past the point of no return, never give them an inch.

Suppose malware encrypted your sensitive files and they are holding it all for ransom, asking you to pay them bitcoin. It happens. So don’t give them anything. Even if you do pay, there is no guarantee they will even respond. Gather evidence, submit to any trusted government authorities for them to investigate, and keep backups of your important data. The latter cannot be emphasized enough.

Backups and Retention

Prevent Your Smart Home from being hacked - Backup and Retention

Backup and save your data on external hard drives.

Do not connect anything to the internet which you are not afraid to lose. That is to say, make sure you can repair or restore any form of data loss. Backup your smartphone, and any computer operating systems as well. Most operating systems offer this feature for your convenience. Sensitive files should not be stored in the cloud either. Power down non-essential appliances at night or when you are not home as well. These things will cover many of the basics for prevention and maintaining clean cyber hygiene.

Be Mindful of what you Do Online

Be sure of your digital footprint. Every move you make leaves a mark. Don’t give in to any aspect of the fear. There will always be a way around the cyber attack. You cannot let them win. To prevent being a victim of ransomware that encrypts your sensitive files, be sure to backup your data and keep it off the network. An external hard drive will do. This will allow you to maintain a buffer in case any ransomware tries to lock up everything of value. 

Other than that, mixing the defensive and offensive strategies to your personal security online and in your smart home will be the best bet. Balance is critical here, and also be sure to realize that cyber security really isn’t that complicated. Having knowledge of preventative measures while using a basic understanding of the threat landscape to navigate into the future increases your chances of being unharmed even by the most persistent of cyber threats. Mindset is essential and be sure to not overthink cyber security problems. 

Even though the complexity of our technology can seem overwhelming, the modes of communication and transfer of information are relatively simple. The one thing that humans and computers have in common is the use of language. Just because you don’t understand how to speak a language does not mean it cannot be translated. Simplifying the presentation of cyber security information is part of the Simius platform, as this is built-in. 

Summary

In this article we discussed proactive ways to prevent your smart home from being hacked. In addition, we gave you tips on how to act if your smart home has been breached and your data compromised.

Ready to Try Simius?

Learn More



Kent Thachek is a Disaster Recovery Specialist and Programmer Analyst with background in Software Engineering, Bioinformatics, and Information Technology, as well as a co-founder of Simius Technologies, Inc. With over 15 years of combined experience in programming and cybersecurity, Kent has marked his passion for ensuring the success of all technical endeavors through attention to detail and effective communication.

Write a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Join our newsletter

subscribe-box