Loophole into the home network: tips to better secure Smart Home devices

10. May, 2022

Security risks and data protection breaches are not just a matter of having the right defence technology. In addition to one’s own handling of online services, networked devices are also playing an increasingly important role: services such as smart meters, smart TVs, the smart lock on the front door or the baby camera in the nursery process and store very private data – and yet are often left out when it comes to cyber security. However, a single device with a security problem can be enough to make a home network with its many different services vulnerable to external attack.[1]

LAN/WLAN router as an important central access point

The Internet router at home is the central gateway to the Internet and provides the necessary connections for the local internal networks and all devices therein. Accordingly, it is important to set up this system in a fundamentally secure manner.

  • Immediately after commissioning, change the default password to a sufficiently strong and long password.
  • In most cases, the provider or manufacturer of the router can be identified via the WLAN name. Assign a new, neutral network name here as well, with good password protection, to prevent attacks that rely on standard identifiers.
  • If supported by the device, activate automatic updates.

Restrict connections – in both directions

  • To best prevent the various Smart Home systems from eavesdropping on others, move them to their own isolated network.

If the router supports the function, use the “Guest LAN” function to separate the networks. This feature offers an immediate improvement.[2]

If a service has an unnoticed security problem, this at least makes further internal spreading more difficult. The principle also applies in the opposite direction: If malware infiltrates via a client, the Smart Home systems are not immediately visible to the client.
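
The two-way separation described above can be checked against a simple device inventory. The following is an added example, not part of the original article; the segment names, addresses, device list and rule format are constructed assumptions.

```python
import ipaddress

# Constructed home network: segment names, addresses and rules are assumptions.
SEGMENTS = {
    "main": ipaddress.ip_network("192.168.1.0/24"),    # PCs, phones
    "guest": ipaddress.ip_network("192.168.50.0/24"),  # isolated Smart Home LAN
}
DEVICES = [
    {"name": "laptop", "ip": "192.168.1.20", "kind": "client"},
    {"name": "smart-tv", "ip": "192.168.50.11", "kind": "smart"},
    {"name": "baby-cam", "ip": "192.168.1.77", "kind": "smart"},  # misplaced
    {"name": "door-lock", "ip": "192.168.50.12", "kind": "smart"},
]
# (source segment, destination segment, action), transcribed by hand
# from the router's firewall settings (hypothetical format)
FORWARD_RULES = [("guest", "main", "drop"), ("main", "guest", "accept")]


def segment_of(ip, segments):
    """Return the name of the segment containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    for name, net in segments.items():
        if addr in net:
            return name
    return None


def audit(devices, segments, rules, smart_seg="guest", client_seg="main"):
    """List placement and isolation problems, checking both directions."""
    findings = []
    for dev in devices:
        seg = segment_of(dev["ip"], segments)
        expected = smart_seg if dev["kind"] == "smart" else client_seg
        if seg != expected:
            findings.append(f"{dev['name']}: in segment {seg}, expected {expected}")
    actions = {(src, dst): action for src, dst, action in rules}
    # A missing rule counts as a finding: isolation must be explicit.
    for src, dst in ((smart_seg, client_seg), (client_seg, smart_seg)):
        if actions.get((src, dst)) != "drop":
            findings.append(f"forwarding {src} -> {dst} is not dropped")
    return findings


if __name__ == "__main__":
    for finding in audit(DEVICES, SEGMENTS, FORWARD_RULES):
        print("FINDING:", finding)
```

With the sample data, the audit reports the baby camera sitting in the main network and the open path from the main network into the Smart Home segment.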

Secure configuration of IoT devices

  • If available, smart devices should immediately receive their own secure password when they are put into operation.
  • Restrict the access of added smart systems, even if this means limiting convenient functions. For example, it would not be a good idea to have the front door opened by voice control if an intruder might be able to do the same.
  • If a central portal is available for control or administration, use 2-factor authentication wherever possible.
  • If using a smart meter, i.e. a digital electricity meter, secure the account with the energy provider so that no one can access it without authorisation. The initial password is usually very simple and can easily be cracked.

Do not underestimate the confidentiality of data

At first, it may not seem important if someone has access to the current power consumption of the smart meter or knows the streaming list of the TV. However, this data immediately shows when you are at home or going on holiday. To prevent misuse of even such supposedly trivial information, it is important to actively take care of the security aspects of smart home data as well.

Sources:
