Consumers using smart appliances without regard to security may attract hackers and thieves, making smart appliances voyeuristic.
Repeated studies show that devices designed for home automation have serious weaknesses, and HP's survey of 10 off-the-shelf home security systems shows that many devices have weak password policies and are unable to guard against man-in-the-middle attacks. Others do not have the debug interface to block access to the device, which could make the device vulnerable to hackers, according to a April study by code security company Veracode.
And, according to a study by security company Synack, almost any device can easily be compromised and turned into a Trojan horse if an attacker has access to the device - in fact, it takes only 5 to 20 minutes for a researcher to turn on the hardware Time to find a way to invade every device.
With the camera cleaning robot, is responsible for monitoring the family's children or pets guardian ... ... More and more smart home devices into the family at the same time, some security breaches frequently broke out.In the hands of some lawless elements, they cracked by software or IP Address easily invaded and controlled these smart appliances camera, the camera to the bedroom or bathroom and other private places, spy on personal privacy, so smart appliances voyeurism.
Even more frightening is that even behind the formation of a theft and theft of the private industry chain.In some QQ group, camera cracking software and camera IP address is open for sale, ranging from tens to hundreds of dollars. In addition to glimpse of privacy, there are sellers Secrets of private videos as porn videos for profit.
Technology companies are really struggling to get their products to market and really compete in the Internet of Things, but there is not a single security officer on their team, so there are a few minor issues that are overlooked. "Colby, a security research analyst at Synack, Moore said, 'Most companies have ignored the basic principles.'
According to market research firm Gartner, global corporate security spending will reach 96.3 billion U.S. dollars by 2018, up 8% from 2017. Due to regulatory changes, buyers' mentality, emerging threats and the evolution of digital management strategies to By 2020, more than 60% of businesses will invest in a variety of data security tools such as data loss prevention, encryption and data-centric auditing and protection tools, which have risen from the current level of about 35%.
IDC expects global internet of things (IoT) spending to reach $ 772.5 billion by 2018, an increase of 14.6% over the $ 674 billion it will spend in 2017.
Although the Apple Watch may be the best-known device on the Internet, many of the things you'll be connecting to in the future will be part of your smart home. Unfortunately, the craze for home automation has not been achieved Some security, on the contrary, provides more attacks for cyber-attackers.
Brandon Creighton, security research architect at Veracode, said in a statement: 'We are very excited about the realization and future growth of the Internet of Things, but that does not mean that cybersecurity is a victim in the process.'
For example, security company Synack tested cameras, thermostats, smoke detectors, and home automation controllers looking for security holes. The company considered four scenarios that could affect consumers: hackers intrude home devices in two minutes, Stole, overhear, monitor victims at the cafe network, and more sophisticated hackers successfully modify smart appliances before the victim buys.
Every device has security flaws, for example, consumers want to control their home via a smartphone, which means losing their device can have a big impact on home security, and many do not use encryption.
'I have to say that I was shocked and very, very shocking,' said Moore.
For those consumers who embark on a home automation journey, here are some of the easiest steps you can take to keep smart home appliances from getting gruesome.
Lock the router
A router is the home's digital channel, and a router with a low security factor makes it easy for attackers to access all the smart appliances in your network. For example, in June of this year, Ms. Hu in Hangzhou found her camera was not Operation, his move.He logged in mobile client and found only one of her user bound camera, as many as two users online at the same time.In early August of this year, Ms. Huang in Chongqing at home using the camera, they also found installed The camera on the ceiling turned itself in. She used the computer to view it and found that in addition to her own account, strangers were watching the camera.
The user should invest in a router with a good security record, make sure that the default admin password has changed, and run the current firmware.
Prevent tampering with the device
According to research by security company Synack, using smart appliances for two minutes did not give attackers enough windows to modify the device, but devices with the USB update mechanism were vulnerable to rapid intrusion.
Home users should place their devices in places that others can not easily access, with particular emphasis on devices that have management ports.
Use cloud services
Cloud services are designed to help consumers manage home automation devices such as Vivint, ADT or similar service providers and often spend money, which can lead to privacy and security issues if not properly protected.However, in most cases, Service Providers can better protect their services than home users, and if you do not use cloud services, you will be responsible for checking the security of the system.
Therefore, consumers can spend a certain amount of money, choose to rely on cloud service providers to make their home automation more convenient and more secure.However, the user does need to select a complex password, and should ask double authentication, which is to access the account Added another layer of security.
Update the device
In contrast, many developers who develop software for home automation products are new to security, and David Jacoby, a security analyst at Kaspersky Lab, tried to break into his own home and found some in his home storage products Simple vulnerability.
'Developers have an excuse to say they're not security workers,' he said, 'but we need to get vendors patching what they know about.'
He said that as security features need to be improved, application updates are a crucial step in ensuring that home automation devices remain safe in the simplest of attacks.
Choose well-known brand
A company that has just been involved in smart appliances will not take the security of their products seriously, says Moore of Synack, a consumer-focused company focused on products and products.
'Of course you would be a reputable person who would rather stand by,' he said, 'at least they will be standing behind their products and keep rolling out updates.'