Cyber security has been in the news a great deal of late, but what impact will it have on our homes? Costa Grigoras, Senior Engineer at Cyberhomes asks, are connected homes secure from hackers?
The amount of technology we are putting into homes is increasing at an unprecedented rate; and much of this technology is connected to the internet. Whether it is standalone devices like an Amazon Echo or a fully-integrated home automation and control system. Most of us are aware of the need to protect our home computers from viruses and hackers; with the recent ‘ransomware’ attack on the computers in the NHS being a timely reminder. But should we also be concerned about the other devices in our homes that are connected to the internet?
The heart of any smart home system is essentially a computer—a microprocessor running software to control and automate your home’s technology. Whilst it might not be a general-purpose PC running Windows or MacOS there is still the possibility that a hacker could write some malware to specifically target these processors. Similarly, a lighting control system, internet routers and even individual CCTV cameras all have processors in them that are theoretically capable of running rogue software if someone manages to hack into them.
Protection – the basics
So how do I protect my smart home from being attacked? Firstly, if you’re specifying a whole house integrated automation system, discuss with your installer how the system is going to be secured and make sure you are comfortable that they are seeing this as a priority.
At its most basic, the passwords for all the equipment must be changed from their default settings making it considerably more difficult for someone externally to access the processor. Your installer should also have ensured that the firmware on all the equipment is up-to-date to close any recent security vulnerabilities that may have been discovered.
Consideration needs to be given to the design of the property’s network to minimise the risk of home computers being able to infect the smart home technology and vice versa. Deploying VLANs (virtual networks), encrypted VPNs (virtual private networks) and firewalls all significantly reduce the risks when correctly configured.
Wireless networks are a very vulnerable point of access to a home network, someone can attempt to hack in without needing to be inside the home. Wherever possible, devices in fixed locations should be connected to the network with a cable.
Having a secure Wi-Fi password is essential, but homeowners are often only too happy to give out the password to almost anyone who visits the home. Setting up a separate guest Wi-Fi network that only has access to the internet and none of the home’s computers or devices allows the homeowner to restrict full network access to just trusted family members.
And don’t forget to consider the physical security of equipment. If a door entry system can easily be pulled off the wall and the wires shorted together to unlock a door (like they always do in the movies) owners aren’t going to think the house is very smart.
Devices must be securely fixed and, where possible, out of reach (eg mount external CCTV cameras at height). Use devices that encrypt the messages between each other, not those that rely on just ‘normally open’ or ‘normally closed’ contacts.
Keeping one step ahead
It’s not a once only fix. Keeping a system locked down is an on-going exercise as the hackers develop more ingenious ways to access devices. What might be considered a secure system today may not be tomorrow when a new exploit is found. A service and maintenance contract should be considered essential for any smart home installation – not only to keep it functional and reliable – but also to ensure it remains as secure as possible.
We’ve just scratched the surface of what’s involved with making a connected home secure; for more detailed advice speak to a CEDIA member specialist such as Cyberhomes.
Photos courtesy of www.cyberhomes.co.uk