Three things to consider before buying an IoT home device

Kaspersky Lab has recently put some of the newest Internet of Things (IOT) devices to a security test and surprise, surprise – none have passed it. The researchers looked at a USB dongle for video streaming, a smartphone-controlled IP camera, a smartphone-controlled coffee maker, and a smartphone-controlled home security system.

Almost all have failed and gave hackers valuable information into the connected home, which is why Kaspersky Lab warns everyone to take a few precautionary steps before buying a smart appliance or similar IoT device:

  • Before buying any IoT device, search the Internet for news of any vulnerabilities within that device. The IoT is a very hot topic and a lot of researchers are doing great job of finding security issues in products of this kind.
  • It is not always a great idea to buy the most recent products released on the market. Along with the standard bugs you get in new products, recently-launched devices might contain security issues that haven’t yet been discovered by security researchers. The best advice here is buy products that have already experienced several software updates.
  • When choosing what part of your life you’re going to make a little bit smarter, consider the security risks. If your home is the place where you store many items of material value, it is probably a good idea to choose a professional alarm system, that can replace or complement your existing app-controlled home alarm system; or set-up the existing system in such a way that any potential vulnerabilities would not affect its operation. When choosing an IoT device that will collect information about your personal life and the lives of your family, like a baby monitor, it may be wise to choose the simplest RF-model on the market, one that is only capable of transmitting an audio signal, without Internet connectivity. If that is not an option, then – choose wisely.

A baby-monitor camera in the experiment allowed a hacker, whilst using the same network as the camera owner, to connect to the camera, watch the video from it and launch audio on the camera itself.

A smart coffeemaker examined during the experiment was sending enough unencrypted information for an attacker to discover the password for the coffeemaker owner’s entire Wi-Fi network.

A smart security system proved secure enough not to be hacked, but was fooled with a magnet – it will only trigger if a magnetic field on a window or a door disappears. Bring a magnet with you and - voila!