How to Secure Your (Easily Hackable) Smart Home

As more devices and appliances with Internet capabilities enter the market, protecting those devices from hackers becomes critical. Unfortunately, many of these non-computer, non-smartphone devices — from toilets to refrigerators to alarm systems — weren't built with security in mind.

So what can someone who's already bought one of these devices do? When it comes to the so-called Internet of Things and the connected home, it's best to proactively secure the home network. There is no antivirus software for a smart TV, but you can protect your Wi-Fi network so hacking the TV doesn’t become a backdoor into your home.
 

How to make your connected home more secure

Here are some steps to protect your home network and the gadgets connected to it.

Secure the wireless network. The old Wired Equivalent Privacy (WEP) protocol is still widely used, but it is weak and easily compromised. Make sure the home wireless network is instead protected by the Wi-Fi Protected Access II (WPA2) protocol and a strong, complex password.

Give your Wi-Fi network an obscure name, or SSID, that doesn't give attackers personal information they can use in social-engineering attempts. For instance, don't call it "[Your Name] House." Instead, call it something random, such as "FBI Surveillance Van."

Disable guest network access entirely, and to be strict about who — or what — can get on the network.

Create two different Wi-Fi networks if your router can handle multiple SSIDs. Trey Ford, global security strategist at security company Rapid7, suggests one network for computers, tablets and smartphones used for online banking, shopping and general Web activity; another network can be for smart devices.

Good password management is essential. Neither network equipment (such as routers and switches) nor newfangled gadgets (such as smart TVs) should use default factory-set administrator passwords. Change each admin password to something suitably strong and complex, and regularly change them going forward. When possible, usernames should be also changed to make it even harder for attackers to brute-force their way in.

Firewall the network, either with a stand-alone appliance or software that ships with the router, to restrict incoming connections.

Most networked IoT devices include information about the ports, network protocols and IP addresses used in the owner's guide or the support website. Set the firewall to allow traffic on those specific ports and no others. Port restrictions will cut down on opportunistic network-probing attempts.
 

Security tips beyond the network

Once the network is secure, examine each IoT device you own— and what it is doing. Disable remote-management access and other powerful network tools if they won't be used.

Install security software wherever possible, such as on mobile devices used to control IoT devices. If attackers can access a smart garage-door opener or a smart thermostat via a malicious Android app instead of by hacking the device directly, they will go with the easier option.

Check manufacturers' websites for firmware updates on a regular basis, as Internet of Things companies can be slow to patch vulnerabilities and push out updates. Install each update right away. Updating the firmware is particularly important for networking gear such as firewalls and routers.

Pay attention to brands. Consumers expect smart-device vendors to take proper steps to secure the platform, Martincavage noted. But if the manufacturers don't take security seriously, or claim the underlying platform is "hacker-proof," be wary. Better-known brands are less likely to risk their reputations this way, he said.