With innovative and in vogue “smart home” devices, you can control your home’s lighting, temperature, sprinkler system, door locks, TV, even dinner…all with a smartphone app. Maybe that’s why these high-tech household helpers are already in millions of American homes – with predictions that by decade’s end, some 50 billion household devices will be connected to the internet via the user’s home Wi-Fi network.
But these gizmos, part of increasingly popular Internet of Things technology designed to help homes operate more easily and efficiently, also bring risk. Millions have already been hacked, used for nefarious purposes ranging from screaming obscenities at a baby to being enlisted as soldiers in a botnet army that, temporarily knocked offline top websites including Amazon, PayPal, Netflix and Twitter, as demonstrated last October in what some experts believe was a “test” cyber attack to gauge vulnerabilities.
And the more connected you home is, the better chance cyber crooks can use those devices to track your movements or remotely access your home computer and smartphone to glean email, banking and online shopping data. Your defense:
Change default passwords. Make sure you don’t use the manufacturer’s default password on your router or any smart home device. Most people never change those typically weak, factory-issued passwords – and that’s why so many devices, including routers, printers and cameras, were enlisted for the October attack. Each device should have a unique (and strong) password. A password manager can help: Popular versions that use cloud technology include LastPass, Dashlane and 1Password; apps on your computer’s hard drive include RoboForm, Password Safe and KeePass.
Create separate Wi-Fi networks. You want one for your computers and another for smart home devices. Many routers have a guest network option, which you can use for smart devices. Or you can purchase a separate internet connection for the new-fangled gizmos, or split an existing internet connection using a virtual local area network (with help from a tech-savvy buddy or Geek Squad-type business).
Stay “updated.” Promptly download legitimate updates when you receive a legitimate prompt for your connected device. These can improve function, and include patches for newly discovered security vulnerabilities.
Disable unnecessary features. Deactivate functions you don’t need – especially cameras and microphones, which are hackers’ most favored exploitable features.
Use multifactor authentication. Many smart home device apps offer two-step authentication that users can opt into under “settings.” In addition to your password (something you know), this second layer of protection could be a security key or a one-time code sent to your cellphone (something you have).
Don’t use public Wi-Fi. Turn off the “automatically connect” setting on phones and don’t access device apps in airports, coffee shops or other vulnerable locations.
For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.