Press Releases
Prague, Czech Republic, January 18, 2021: Advances in smart home technology are changing people’s homes, but they are also opening up opportunities for attackers. With new smart home devices being announced at CES last week, which will soon hit the markets, Avast security experts are encouraging users to shore up their home security when buying new smart home technology.
“Smart home devices can entertain and save us time to enjoy the things that matter, but they can also become liabilities with cyber attackers eyeing them as soft targets. Cyber attackers can exploit the security weaknesses of smart home devices to gain access to your household networks to take sensitive data or, even more alarmingly, to take control of your devices and monitor you and your family,” said Luis Corrons, Avast’s Global Security Expert.
According to IDC, worldwide IoT spending has grown to $742 billion in 2020 alone. Avast numbers also show that the share of households that have five or more devices grew strongly in many countries like Germany (37%), Australia (26%), Argentina (24%), Japan (21%), Brazil (16%), and Mexico (15%).
“People looking to upgrade or start investing in smart home technology this year should consider buying devices from well-known reputable manufacturers which are more likely to have more security features and provide device updates, so firmware can be updated with latest versions and patches. When you set up your device, ensure you change the default password to something complicated and consider installing a digital security product, like Avast Free Antivirus or Avast Premium Security, that allows you scan your local network for unsecured IoT devices,” added Corrons.
Here are Luis Corrons’, Avast’s Security Expert, simple steps to help households reinforce their security around smart home devices:
- Take the time to pick the right smart home devices – When buying a new smart home device, consider buying products from well-known reputable manufacturers. They are more likely to have produced devices with security in mind. Also, check that they provide security updates so firmware can be fixed if required. Before you add a new connected device to your network, take the time to understand everything about it, including how it collects and uses your data and the device features to ensure you understand what you can disable for extra security.
- Change default password - Take this as a rule for any device that comes with a default password, not just your Wi-Fi router. Always change the default password to a complex password, which should be a combination of capital and lowercase letters, numbers and special characters if possible. By choosing not to update default login data, homeowners are making it easy for hackers. Most bad actors can guess a default password, allowing them to breach a network and even link a smart home device to a botnet, a collection of internet-connected devices controlled by cyber-criminals.
- Set up two-step authentication - Where possible, homeowners should also strengthen device security by using two-step verification, a process where two authentication methods are needed to gain access which can help prevent attacks if your password is discovered.
- Update ASAP always - It cannot be stressed enough — keep the firmware of your IoT devices updated with the latest versions and patches available. The cause for most of these updates is because a security flaw has been found and exploited in the previous version. You want to stop running that compromised version right away. Also when considering a new IoT device, take a look at its update process. Make sure it’s easy and straightforward and that you are notified when a new update is ready.
- Consider splitting your home network - Splitting a home network in two could also be beneficial. Homeowners should keep devices carrying sensitive data - such as laptops and smartphones - on a different network from those supporting smart home devices. By using this set-up, a hacker would not be able to directly access a personal laptop if they breached a smart home device. This network could also operate as a secondary network for guests, protecting sensitive devices if their bad browsing behaviour leads to a security problem.
- Consider cybersecurity - Everyone’s protection is in their own hands these days, so it’s a good idea to call in reinforcements for peace of mind. Consider installing a digital security product that assesses your IoT devices connected to your network, reporting anything abnormal. Wi-Fi Inspector, which is part of Avast Free Antivirus and Premium Security, runs locally on a user’s personal computer and performs network scans of the local subnet to check for devices that accept weak credentials or have remotely exploitable vulnerabilities, alerting users to security problems it finds.
Erase your personal data from old smart home security before disposing – If you are getting rid of older smart home security products, make sure that you erase all your data and personal information, delete your account if you no longer need it, and perform a factory reset of the device. Also, make sure to remove the device from your online accounts, networks or apps that you have linked them to.