Intelligent home devices pose a security risk. Not (only) because of their functions, but rather because they offer hackers a good target. We discussed why this is so and how you can better protect your devices with a cybersecurity expert.
In 2020, at least one innovative home application was on the way in 7.2 million households. It is estimated that by 2024 it will be as much as 13.2 million.
No question! Smart home devices such as voice assistants, intelligent loudspeakers or even security cameras are practical. But they also pose a significant security risk because they can be hacked easily.
We talked to a cybersecurity expert about why manufacturers and users are better responsible for protecting intelligent home devices and why an intelligent toothbrush can be an attractive target for hackers.
BASIC thinking: according to current investigations, 34 percent of cyber attacks on access data in intelligent home devices occur via empty input fields. This suggests that the yield is high, so many devices are probably not protected with passwords at all. Why are owners so negligent on the inside?
Most users have no idea what specific risks are associated with using smart home devices.
Usually, there is often a lack of knowledge about how the devices must be secured – i.e. that both a router and the smart home devices need a password to offer a certain level of protection.
Yes, exactly. It is actually because the users are not fully informed here. But also that not all manufacturers are doing enough to protect their devices. Car manufacturers are a good counterexample.
You don’t have to put in the brakes and airbags when buying a car first. You can rest assured that the automobile manufacturers will take responsibility for safety and that the users will be informed about their contribution to security and how they should behave accordingly.
Intelligent home devices would have to be offered by the manufacturers so that commissioning without a password is not possible at all. Furthermore, it must be ensured that the configuration of the smart home device can be carried out by the user simply, quickly and safely.
There are various dangers. One is, for example, that the privacy of the residents is violated. This happens when an unsecured video camera is hacked via the Internet, enabling attackers to gain insight into the living space.
This is not trivial because it violates the residents’ rights and opens up the possibility of planning a break-in because the attackers can see that no one is at home.
Yes. Hackers can misuse video cameras and other innovative home items such as printers, toothbrushes or coffee machines connected to the Internet for their purposes.
For example, a large number of these devices have already been used several times by attackers to merge them as a bot network to very successfully improve the overall infrastructure of the Internet with the help of a DDoS attack, which has an enormous impact of up to 1.5 terabits per second.
This makes the Internet very vulnerable, is no longer reliable and thus endangers digitization.
The abbreviation DDoS stands for Distributed Denial of Service. These are attacks by Internet activists: inside and usually compromised IT systems (botnets), which are used to paralyze selected target IT systems in a coordinated manner with a large load of special requests by exhausting the available resources.
There are botnets with many bots (compromised IT systems): a thousand, ten thousand or even a million. If an attacker can use 100,000 bots, each bot has 100 kilobits per second upstream (i.e. only a fraction of the available bandwidth), then the attacker could carry out a DDoS attack with ten gigabits.
Both networks have long been known as a threat to the availability of services on the Internet. IoT bot networks represent a new level of danger for the Internet’s infrastructure. In contrast to conventional bot networks, IoT bot networks mainly consist of compromised IoT devices.
IoT devices have the property of being permanently available online with good bandwidth without direct user control. As a result, once the IoT devices are under the supervision of a hacker, they are always ready for an attack with high available bandwidth.
For this reason, manufacturers should protect their customers and be aware of their responsibility to society and prevent attacks on the Internet infrastructure.
Right. The attackers search the Internet for IoT devices, test whether these are still configured to the manufacturer’s default password and then bring unsecured devices under their control (botnet).
Compared to the usual methods such as “social engineering” or “email poisoning”, this approach enables an enormous reduction in the effort since poorly secured intelligent home devices can be attacked directly.
As experienced over the past few years has shown, the risk of attack by smart home devices is very high. Therefore, my appeal to manufacturers and users is to do everything inside to ensure that smart home devices cannot be attacked.
The rules for passwords are not complicated.
Ideally, the smart home device should not be accessible via the Internet because then attackers have no way of accessing it inside.
Most of the offers are run via an intelligent home cloud or digital assistants such as Alexa, who also carry out all activities on the Internet. To do this, the IoT devices must be addressed by the Internet.
But there are also solutions in which “management” can occur in the home, which means that the devices are not connected to the Internet.
If you're a blogger, you probably know how important it is to have an editorial…
Most Indian workers, in these days of emergency linked to Coronavirus, are rightly locked at…
After carefully combing Generation Y and Millennials, it is Generation Z's turn to be scrutinized.…
The virtual tour has become an exciting reality for small and medium-sized businesses. Until a…
At barely 26 years old, Evan Spiegel, the young prodigy founder of Snapchat, decided to…
They answer customer calls with a voice that sounds human, giving contemplated data and not…