September 17, 2018updated 12 Aug 2019 2:17pm

How safe is your smart home? Study finds vulnerabilities in popular smart devices

By Ellen Daniel

Some 127m smart home units are expected to be sold in the United States in 2018, with the global smart home market expected to be worth $53.5bn by 2022 according to Zion Market Research.

However, could the introduction of an an increasing number of connected gadgets leave smart homes vulnerable to hackers?

To test this, Internet security company vpnMentor worked with a team of ethical hackers to assess the safety and privacy of some of the most popular devices found in smart homes.

The research revealed how likely it is for a hacker to hack these devices and access private information, including audio and visual footage and sensitive information such as bank details.

Three popular devices were hacked

Hackers were able to gain access to all the devices tested.

One such device was the first-generation Amazon Echo. Hackers were able to open the device up and manipulate it using a specially crafted SD card. This means that malicious actors could live stream audio from its microphone, and remotely use its services.

With one in six US adults (or around 39 million people) now owning a voice-activated smart speaker such as the Amazon Echo, this could leave millions of homes open to malicious attacks.

The ethical hackers also assessed the security of other smart devices, including the Samsung SNH-1011 smart camera. In this test they were able to access the camera’s feed remotely, reset the device’s password and obtain its IP address.

The hackers also tested the security of the first-generation Ring smart doorbell and found that it was possible to turn the device into an unprotected WiFi access point.

How can smart homes be protected?

The lack of robust security in many smart devices was further highlighted in a study conducted by the Ben-Gurion University, which found that some devices could be compromised simply by googling the factory settings passwords. This is due to the fact that many users fail to change the default password when they set up the device.

Although these findings are worrying, vpnMentor has compiled a list of recommendations to protect owners of smart homes from becoming easy targets.

This includes only buying smart gadgets from an officially certified source, ensuring smart devices are properly configured and regularly updated, keeping externally facing smart devices on a separate network, and being aware of any signs of physical intervention.

Co-founder of vpnMentor Ariel Hochstadt warned that it is important to remain vigilant when using smart devices in the home:

“If you are going to introduce smart technology into your home, it is important that you remain attentive with your devices to ensure that only those you trust have access.

“By following our set of simple rules you can ensure the best security practices have been met and saving you from becoming an easy target for crime.”

Verdict deals analysis methodology

This analysis considers only announced and completed cross border deals from the GlobalData financial deals database and excludes all terminated and rumoured deals. Country and industry are defined according to the headquarters and dominant industry of the target firm. The term ‘acquisition’ refers to both completed deals and those in the bidding stage.

GlobalData tracks real-time data concerning all merger and acquisition, private equity/venture capital and asset transaction activity around the world from thousands of company websites and other reliable sources.

More in-depth reports and analysis on all reported deals are available for subscribers to GlobalData’s deals database.

Topics in this article: ,