How to keep your smart home secure against this hack
Scientists at William & Mary identified a flaw in smart home security that have smart home owners worried, and rightly so. One simple hack -- taking advantage of something most people use at some point -- can give bad actors access to your entire smart home.
But you can lower your risk of being hacked with a simple technique.
We'll get to the protection technique in a minute, but first, let's quickly go over what this hack is.
The hack is this:
Over public wifi someone can access your laptop and then use that to get access to your smart home devices that aren't very secure, like your thermostat. From there, they can get access to more secure devices, hack into your home, and do basically anything they want at that point.
Most people hear something like that and think, "that will never happen to me."
But think about it from this perspective:
You go to Starbucks, and you login to their public WiFi. Being a tech savvy person you know that public connections aren't secure, so you use a VPN to protect your login information and payment information from anybody who is hiding out on the public network.
But, your VPN sits between the WiFi connection and the websites you're accessing. It doesn't sit between you and the WiFi. Someone who is on the same WiFi could get into your computer, and that is where your smart home hack can be initiated.
This is a hack called a lateral privilege initiation, and according to William & Mary associate of computer science professors Adwait Nadkarni and Denys Poshyvanyk, this is easier than you might think.
And the potential for chaos is extreme.
The hackers could disable your security system so you can be robbed.
They can terrify your children by messing with the lighting and climate.
They could even crank up your oven and try to burn your house down.
But, your risk for this hack can be largely prevented with this simple technique.
When in public, tether your computer instead of connecting to public WiFi.
Tethering is the act of using your cell phone's data connection to connect your laptop to the internet.
On iPhones it's pretty simple: you go into Settings then Personal Hotspot, and you turn your phone into a WiFi connection. Once this is setup, you take the connection information to your computer and enter it in your WiFi connection settings. The process is similar on Android.
And, just like that, you're using the internet in public without being connected to a dodgy public connection.
More and more cell phone companies are offering unlimited data plans, which have caps on speed once you use an enormous amount of data. Unless you plan on watching a lot of Netflix on your phone plan, you're probably never going to hit that cap.
Using your phone as a WiFi hotspot is a great way to connect to the internet while keeping your devices safer than if you were on public internet, and the odds are low you're going to hit your data cap.
Of course, this technique doesn't guarantee that your smart home won't be vulnerable to the lateral privilege initiation hack as devices may be vulnerable through other means, but it will prevent this particular scenario and help keep you safe.
If you're concerned, give us a call. All Zeus Integrated clients get monthly consulting and we can use this to talk about your security concerns.