Each day, billions of people around the globe actively participate in a digital economy and ecosystem using their handheld devices. Because of their practicality, enhanced computing ability, and easy Internet access, these devices enable anyone to mingle, chat and nourish friendships with people– some they’ve never met– across time zones, regions and cultures. They can study, learn and grow, all the time or at any time. They can improve their spiritual, mental and physical well-being. And they can procure the goods and services they need to make their lives, their homes and their communities better, sometimes with a simple swipe of a finger.
But the digital ecosystem is only as effective as the trust its members have in it. And when we expand our individual digital footprints, strengthen our digital personas, and allow others to capture our data, cybersecuring the digital ecosystem becomes even more important. This is especially true when these smart devices, which often contain large amounts of personal, financial and other sensitive information, migrate into our living spaces in the form of smart home appliances.
Many smart devices, such as virtual assistants, smart doorbells with IP cameras, smart thermostats, and even smart TV’s, are NOT designed with the highest level of security in mind. Because of that, they are unfortunately becoming lucrative cybercriminal targets. Rather than serving the function they were intended for, compromised devices serve the whims of the cybercriminal, enabling them to steal data like banking credentials, viewing habits, and browsing histories. In some cases, this data can be used to spur ransomware threats.
Some home network devices, after being hacked, can become part of a botnet. A botnet is a network of hijacked computers and/or devices whose combined compute power can be used to carry out various scams like Bitcoin mining, or distributed denial-of-service (DDOS) attacks. Compromised devices can also be used as a pivot point to access other devices on a home network, gaining access to personal and account information.
Back to Basics: 6 steps for creating a more cybersecure home
Homeowners and residential building occupants can take several practical steps to help reduce the risk of a cyber-attack:
- Remove the smart devices from the primary home network – Individuals who own or rent a Wi-Fi router that supports virtual LANs (VLANs) or just a Wi-Fi router that supports a guest network, can dedicate that guest network or VLAN for your smart home IoT devices. This will place the smart home devices on a segmented network that does not have access to the primary home network, which would typically be used to conduct home banking and other activities from a mobile device or home PC.
- Make sure your devices have auto-update turned on – The vast majority of smart home devices offer a software download auto-update option that users can turn on. When the auto-update option is enabled, the devices benefit from receiving ongoing and necessary security updates. The same is true for home routers, which also should have the auto-update capability set to “on.”
- Change cable modem and router default credentials – A cable modem, which enables a home network to connect to the outside world of the Internet, is also an area of cybersecurity concern. In some cases, the cable modems provide router and WiFi functionality. Sometimes a separate router/WiFi access point can be used. The credentials for cable modems are on a visible label affixed to the modem itself. Newer home routers will generally prompt the user to set a new password when they first connect. To improve the level of security, those default credentials should be changed on both devices. If the key or password is never changed, anyone with knowledge of the password can access the router and home network, enabling them to attack home computers and smart devices. In addition to changing cable modem and/or Wi-Fi router credentials, remote access should also be disabled. This will decrease the likelihood of an attack from an outside intruder.
- Change the name of your SSID – When a list of local Wi-Fi networks is opened on your laptop or phone, SSIDs (Service Set Identifier) is displayed, some of which may come from neighbors’ networks. Wireless routers or access points broadcast SSIDs so nearby devices can find and display any available WiFi networks. For an added level of cybersecurity protection, a user should change the SSID of his or her Wi-Fi, so it’s not immediately known what type of Wi-Fi hardware is being using. Identifying information, such as your name or street number, should not be used as part of the SSID. Turning off broadcast of the SSID can also help.
- Use a VPN (Virtual Private Network)- When working from home, the remote worker should make sure that he or she is connected to their company’s VPN. Utilize one of the many “personal” VPN service providers available on most mobile devices and laptops for protection when away from home. A VPN provides a secure tunnel between a home device and the corporate network (when working) or the outside world. It keeps all the information encrypted within that tunnel, preserving the confidentiality of the communications.
- Consider purchasing a more advanced firewall – Most homeowners and residential building occupants will not install malware protection and/or antivirus on smart home devices. Generally speaking, that’s not even possible. However, appliances can be purchased and installed on home networks that offer more advanced firewall capabilities (prices will likely range anywhere between $200 to $1,000, depending on the level of protection that is required). These solutions will identify malicious traffic signatures on home networks and will alert the home’s occupants if suspicious traffic is detected.
Recognize the importance of cybersecure products
For Schneider Electric, providing cybersecure offers is key to ensuring trust in the digital ecosystem, including within a home environment. Therefore, cybersecurity is at the core of everything we do and an essential element of our EcoStruxure platform. It means we not only continually strengthen our products with today’s cybersecurity threats in mind, we evolve our practices to address new threats and threat vectors. And to ensure secure, resilient offers, we follow a secure-by-design development lifecycle process (SDL) that has been certified to comply with the world’s leading and most recognized cybersecurity standard (ISA/IEC 62443). This coveted certification warrants that cybersecurity is considered in every phase of product development.
Within the context of our SDL, secure architecture reviews are performed, threat modeling of the conceptual design takes place, secure coding rules are followed, specialized tools are utilized to analyze code, and security testing of the product is performed. These actions help to “harden” products, making them more resilient against cyberattacks so that users have secure access to the data, services and goods needed to make their lives, homes and communities easier and more secure.
To discover how to help make your home and the digital ecosystems safer and more reliable, please visit our home security web page.