These days, everywhere you look you find so-called smart devices. In the vast majority of cases, that means these things have a connection to the internet. Most folks are familiar with smart phones, as well as the slightly newer smart home speakers such as Amazon Echo, Google Home, and Apple Homepod.
Many more devices, though, are relying on the internet to keep their data, allow user access and update themselves. From thermostats to doorbells to garage doors, your home devices may be phoning home on a regular basis. Should you be worried?
Maybe, and your anxiety might not be for the reasons you’d think. It’s important to understand how smart devices use the internet to better grasp how they might be a problem.
Smart devices are part of IoT, the Internet of Things. This is mostly a semantic distinction as the internet they use to communicate is the exact same internet your laptop, smartphone and tablet use. However, as their connections generally aren’t happening with you looking on, they are in a category of their own. In most cases, smart devices use your home internet connection (and network) to operate.
And where is that data being transmitted to and from? Every smart device has a database of similar devices, most often run by the company that makes it. That means that the operational data on your device, in addition to information about your home network and location, is stored on the internet somewhere. This presents two issues.
The first unknown is at what level of security the vendor operates. If a hacker can penetrate the vendor’s defenses and obtain your data, hackers could get details of your home network (name, password), then they could use that to steal data from all the machines you have at home. Even worse, if you use the same password at other sites such as banks, this access could be used for identity theft.
The second pitfall is that the device itself may allow access to itself without your knowledge. Many manufacturers build in “back-doors” to smart devices, for legitimate reasons – remote updates, troubleshooting, etc. However, if those back-doors become known to others, your smart device could be an entry point to your home. Worse yet, hackers could control your device—turning your thermostat up to 90 degrees, opening your garage door, or recording from a security camera.
A further issue with smart speakers is your day-to-day privacy. All smart speakers send your requests and commands to a cloud server, where they are processed, and the results sent back to you. This means the vendors can eavesdrop on what you’re asking, and use that data to tailor what services and products you see on your other devices.
How can you protect yourself? First, do you need a smart device? A regular light bulb or thermostat might do the job just as well. Second, if you do have smart devices, make sure you don’t use the default user accounts or passwords they ship with. Doing so makes you doubly vulnerable to hacking. Lastly, make sure your home network has a firewall, all your devices have decent passwords, and that only users you know are accessing your network.
A smart home may be more convenient and efficient, but it also requires more vigilance from you, and the firms marketing the devices. You can control the former, but the latter may be out of your hands.