What Are The Hidden Dangers In Smart Homes?

By Turner Stephens
September 15, 2021

What Are The Hidden Dangers In Smart Homes?
Image Courtesy Of R ARCHITECTURE On Unsplash

Lois is 102 years old. She lives in Southern California. Grabbing her TV remote, she presses the button, and says, “Turn on Gunsmoke” and the smart TV starts streaming an episode from the 1960’s western drama. “You have a delivery,” announces the smart speaker Alexa, and Lois gets up from the couch and opens the front door to get the package UPS just left for her. Last week, Lois’s son Elias came over for dinner and they disagree over a fact. “I just asked Alexa about it and it told me right away,” Lois explains.

“I never thought about getting an Alexa but my son gave it to me a few years ago. It’s like magic. Lois explains. “When you talk to people you have to be sweet and respectful. With Alexa, I don’t have to do that. I can be in a good mood or a bad one and it does not matter. Alexa does what I ask. No emotion.” She continues, “I don’t have to do it but sometimes I say, “Thank you,” to Alexa and it responds, “You’re welcome,” Lois laughs.

“It’s like living in the world of ‘Buck Rogers’, Lois says remembering the 1939 sci-fi movie series about a hero from the 1900s finding himself in the 25th century.

Google the phrase “how the 1900s envisioned the 21st century home” and it displays “3,900,000 results.” Today is different from the novels, movies, TV shows, and cartoons that speculated what living in the next century would be like. Some predicted that every home would have robots that looked like C3PO from Star Wars that would act like butlers and do whatever is asked. Inventor Frances Gabe designed a self-cleaning home that would wash and dry itself on the inside using sprinklers in the ceiling and bursts of warm air from the walls. Scientist and sci-fi writer Isaac Asimov predicted that people would be living in vast underground cities or underwater communities in the early 21st century.

Over time, all of these ideas have evolved into reality – a home filled with devices that communicate with each other and share data through the Internet which we call the smart home. In a sense, the home is retrofitted to be a master robot (smart network) that enables humans to command the devices within it.

Companies advertise their smart devices promising the benefits of energy efficiency, a lower cost of utilities, and a safer home. Smart homes are supposed to appraise higher in the real estate market. But what people really love about smart devices is that they are so surprisingly convenient. “I don’t have to go to the computer and look up the music I want to hear on YouTube,” Lois says. “I just say, ‘Alexa, play Imagine Dragons,’ and I listen to my music.”

Alexa is an interactive speaker with virtual assistant technology. In 2018, Amazon sold over 100 million Alexa devices that can interact with over 100,000 different smart devices. Alexa started with only 130 skills in 2013 but now has 100,000 skills. Most people order online on their computers but in 2020 almost 11 percent shopped through Alexa.

Smart homes have internet-connected appliances and devices that can be controlled remotely using a mobile or networked device. The number of devices and types of services they offer is steadily increasing but the most common devices are security systems (locks, security cameras), smart virtual assistant/speaker systems (Amazon Alexa, Google Home, and Apple Siri), thermostats, kitchen appliances, lighting systems, and baby monitors. All smart home devices work through the Internet of Things or IoT.

According to Digital Market Outlook, the worldwide number of smart homes in 2025 is projected to be 478.2 million and the US will still have the most. Statista.com reports the following for the USA: 40.1 percent of the housing market will be made up of smart homes in 2021 and 53.7 percent by 2025 which will be a total of 77 million homes. In 2020, Statista reported 46.1 percent of smart home users were high income and 27.4 percent of smart home users were between 25 and 34 years old. Amazon, Google, and Apple have invested huge amounts in IoT networks which opened a market for many other companies to create and sell smart devices. The speed of smart home growth is directly related to the speed of building 5G infrastructure. The World Economic Forum estimates 5G technology will have 2.6 billion subscribers by 2025.

What does the term “Internet of Things,” or IoT, mean? The term was coined by British-born Kevin Ashton in 1999 when he was working to make Proctor and Gamble supply chains more efficient using RFID technology. Simply stated, IoT is a network of physical objects that are all connected to the Internet and gather and share electronic information. Smart homes are only a part of IoT. Governments use IoT sensors in roadways to manage traffic, sensors to detect flooding and earthquakes, and devices on first responders to monitor their location, respiration, and exposure to dangerous materials. Corporations use IoT devices to be more efficient and improve product quality, monitor shipping container locations and fuel consumption and operate driverless trucks and trains in mining operations.

There does not appear to be a clear definition of how many types of IoT services a residence has to have to be considered a “smart home.” However, if a house has at least 2 devices that connect to the Internet and continually share information throughout the day that would qualify a residence to be a smart home, though an extremely simple one.

Some negative aspects of smart homes are often acknowledged by experts. However, the deeper implications of these negative factors are often overlooked, particularly the fact that many smart devices are not engineered to be secure, and smart homeowners are poorly trained on how to make their smart home secure from online criminals.

Have smart homes proven to reduce crime? A smart home might not have a security system and so that home is just as likely to be robbed as a regular home without a security system. Statistics show that homes without a security system are 3 times more likely to experience a burglary. So, any reputable and correctly installed alarm system should be a deterrent to burglary whether it is in a smart home or a regular home.

ADT, Vivint, and Brinks Home Systems are the 3 largest alarm companies in the USA. Their systems are professionally installed and range from $37 to $40 per month for monitoring and support. Amazon Ring security system is a do-it-yourself installation and ranges from $3 to $10 per month depending on the type of support desired. The extremely low monthly cost for monitoring is the reason for the explosive growth of Amazon Ring sales.

Flipping the question around, do smart homes make one less susceptible to crime? If the smart home network and all smart devices are installed correctly and all safety precautions are put in place, then yes. The smart house is more secure to live in than a regular home. However, most people are not taking the proper precautions when installing smart networks and devices which puts them unknowingly at risk. Statista released a report in May 2021 for the previous 12 months on this topic. 35% of the US and Canadian respondents polled said IoT web cameras, laptops, desktops, and Wi-Fi connectivity in homes were broken into by hackers most often. Smart TVs and gaming consoles were the devices most often breached by hackers according to about 23% of respondents.

The idea of a hacker accessing various smart devices in your home is unnerving.  But home intrusions by a burglar or violent thugs are truly frightening. Security gaps in smart networks may give hackers access to unlock smart door locks and blackout surveillance cameras. Instead of using a smart security system some homeowners install reinforced security doors and choose a security alarm that isn’t an IoT device so it can’t be hacked.

So, the smart device market is exploding. The more smart devices a home has the greater the possibility that the user will have one or more of them hacked and give cybercriminals access to data from many of the other interconnected devices. The main reason for this is that the devices are designed to connect via the Internet and share data. They are not primarily designed to be secure. To make each device secure and the smart home safe is the responsibility of the people living in that home. Well, how do you do that? Wouldn’t that require being a computer geek?

Security and privacy experts have better insights into the safety flaws and preventive measures of smart devices than the companies manufacturing smart home technologies. These experts state that people leave themselves open to burglary. Smart home users do not take common-sense precautions that would keep burglars from targeting their homes.

 

The problem with smart home security is similar to that of other Internet-based technologies: social media, email, voicemail, and texting. People become familiar and trusting of these technologies because of their speed of interconnectivity and convenience. Criminals are creative and persistent, and most people are lax in basic Internet security precautions. Millions of people still fall for phishing and social engineering scams where they are encouraged to click on a hyperlink that secretly downloads malware onto their device. Clicking on dangerous links through a smartphone might lead to unsecured smart speakers revealing a user’s exact street address allowing hackers to spy on the user. Resisting the urge to click on suspicious links on one’s smartphone or laptop is an essential part of keeping the smart home network secure.

Criminals are opportunistic and 78 percent of convicted burglars said they used social media to learn when residents would be away from home. People can avoid giving a criminal an easy opportunity to break into their home by never posting their vacation plans or work schedule on social media, on their voicemail, or in group texts. If one feels like sharing vacation info on these Internet public venues it should be done only after one gets back home, if at all.

Shrinking the circle of trust might be considered anti-social. Yet ask a person to leave his car with the keys in the ignitions for a day at a busy mall parking lot. Also, ask him to leave his wallet on the front seat. Would that person think this would be a good idea because trusting others brings out the best in people? How likely would it be that the car and wallet and other items would still be at the mall when he returned? How is social media any different? How are unsecured smart homes any different? Social media is full of strangers, most of whom you will never meet and never get to know. Social media rewards people with likes, shares, and views even if people post information that puts their security at risk. People share personal and intimate information on social media that they would never share in a room filled with convicts and suspicious types. Smart homes are probed constantly for weaknesses by hackers. It is wise to protect one from being victimized by criminals. They cannot be trusted. It is naive to think social media platforms or unsecured smart networks and smart devices are inherently safe in this world of rapidly expanding cybercrime.

Criminal elements use tools to monitor the Internet every second of every day to locate potential victims for any crime imaginable. Cybercrime is projected to be a $10 trillion industry by 2025 according to Cybersecurity Ventures, the leading global researcher on the world’s cyber economy. If cybercrime was a nation, a $10 trillion economy would now make cybercrime the 3rdh largest economy in the world, right after China $14.7 trillion) and before Japan $4.98 trillion). But this dollar amount does not even address the emotional, mental and physical abuse that can victimize people through the Internet.

The point is, even though smart devices make life more convenient, fun, and maybe even exciting, don’t let down your guard. You need to make your smart house secure since the smart house will not do it by itself.

Just as vehicle owners must take responsibility for their safety with regular car maintenance and driving safely every moment they are on the road, social media and smart device users must take responsibility for securing their safety with proper precautions and anti-crime tools. Rambus, premier computer chip manufacturer, and security processes provider, figures 80% of the IoT devices are susceptible to various types of cyberattacks. However, once disconnected from the Internet these devices are unable to share any data with other devices or the Web and that eliminates the security risk.

We should be able to trust that companies will keep their promises, but like people, companies can do extremely stupid things that put us at risk. One example is Orvibo, a Chinese company serving about 1 million users in the US and other countries. It operates an IoT management platform and makes over 100 smart home devices such as smart locks, home security cameras, and sensors. In 2019 vpnMentor security researchers Ran Locar and Noam Rotem discovered Orvibo left its online user cloud database unprotected with no password. This database had 2 billion user records such as home addresses, passwords, email addresses, family names, account reset codes, and much more. Data was not encrypted but MD5 hashed (which is an insecure data method easily broken by professional hackers). Did any hackers go in and steal this data? No one knows because there was no login protection and no record of anyone accessing the data. Since that report, Orvibo says their systems are guaranteed secure, but they said that before their database was exposed was accessible to anyone who wanted to see it.

In 2021, Which? (a United Kingdom non-profit consumer education group), conducted a joint smart home security experiment with Global Cyber Alliance and NCC Group. A single home was outfitted with various smart TVs, thermostats, and smart security systems. These organizations jointly examined the attempted hacks that occurred over several weeks in May and June.

The smart home’s devices received 12,807 hacks and scanning attacks in one week alone. During that week, a common method used by hackers was trying to log in to the smart devices with predictable default usernames and passwords, such as ‘admin.’ This method was attempted 2435 times or about 14 times per hour.

An ieGeek security camera was accessed by an unknown hacker and used to spy on the smart home. The majority of the smart devices remained secure from attacks that week. The smart Epson printer was attacked more than any other device in the home. However, the Epson printer, a Samsung smart TV, and a Yale security system did not succumb to attacks even though they used default passwords. Luckily the default passwords were strong enough to prevent attacks. Most of the attacks came from the US, India, China, and the Netherlands. This test only lasted a few weeks, so it did not give hackers much time to probe for weaknesses of the smart home devices or any lax security precautions by the “owners” of the smart house.

Unfortunately, smart speakers listen to people in the home continuously while on. Google and Amazon speaker devices supposedly do not send data to the cloud before the wake word (“Ok Google” or “Alexa”) activates it. However, hackers who exploit security weaknesses might access smart speakers and state their own commands or steal speaker recordings. Security experts recommend regularly delete stored recordings, not pair speakers with security cameras and door locks, and turn off smart speakers when not in use.

Wardriving is a common method used by cybercriminals that allows them to search for unsecured wireless networks while driving around an area. Once they uncover unsecured Wi-Fi networks they use hardware such as packet sniffers, traffic analyzers, signal strength testers, and software tools to crack or attack networks to discover passwords or decrypt routers. The cybercriminals then post the unsecured network locations on digital maps (called access point mapping), and either plan to break into those networks later or sell the information on the cybercrime marketplace. Other types of this traveling cyber search method are warcycling, warbiking, warrailing, warwalking, and warjogging depending on the way the criminal is moving about.

People want the government to pass effective cybersecurity laws and corporations to protect their personal data. However, technology always outpaces laws. Industry innovation works in two directions – it rapidly creates exciting smart devices or adds more capacity to existing devices, but also creates many security vulnerabilities that are not discovered until months or years after the devices are sold to millions of consumers. Smart devices and the Internet are built for immediate connectivity and data sharing. Security is never the first concern for smart devices or the Internet. Therefore, to paraphrase President Kennedy, “Ask not what your government can do for you, do it yourself.” The government has a lot of traffic laws on the books, but it is up to the individual driver to drive safely all the time. The government publishes innumerable pages of regulations for food industry companies to follow to produce safe food. Yet, the individual is responsible for not self-inflicting illness by bad drinking and eating habits. The same concept applies here to data and smart networks. If you use smart devices, you are responsible for you making sure your smart home is safe because the smart house cannot do that for you.

Subscribe to U Cast Studios

Something went wrong. Please check your entries and try again.

Read the Latest

Lifestyle

Lifestyle

Read the Latest

Subscribe to Cast Studios

  • This field is for validation purposes and should be left unchanged.

The Talk Spot