Skip to main content

On edge after the DDoS attack? Here’s how to prevent your smart home from being hacked

smart home security precautions 42356423  remote control system on a digital tablet or phone
scyther5 / 123RF Stock Photo
We may never know who was actually responsible for the internet DDoS (distributed denial of service) attack last week. Post attack analysis, however, revealed that the hackers took over hundred of thousands of devices, many of them smart home devices, to run the attacks. If you want to protect your smart home devices from being hijacked for future DoS attacks and to keep outsiders from hacking into your home systems, you need to be proactive in taking precautions, according to Recode.

Recode reports that the primary hijacking method in the attacks last week involved breaking through passwords. In too many cases people who set up networks and smart home systems in their homes left default passwords in place. People often don’t stop to consider security in the anticipation of benefits and during the sometimes confusing setup steps involved.

Recommended Videos

There aren’t many steps to take to add significant protection to your smart home, and you don’t have to be a security expert. But you should consider taking basic precautions and perhaps revisiting them each quarter and anytime you add a new device or system to your home.

Please enable Javascript to view this content

Passwords

Passwords are your first line of defense, on two levels. Any user who has access to your home systems has a password. Also, there is generally an administrator or “admin” password for people with permission to reset or reconfigure the system. Manufacturers often ship devices with default passwords and recommend in the installation instructions that you change the password either during installation or at a later time. Guess what the most common default password is? It’s “admin,” and has been for years.

Beyond that extremely simple guess, which sadly works too often, hackers know or can easily find default user and administrator passwords for major brands online. Many manufacturers use the same default passwords across all lines of products, so all hackers need to know is the brand of your equipment to get in.

Device ID names

Also, taking a page from home network security, if your device is visible on the internet to anyone with a scanner (which can mean a regular smartphone), be sure to change the device ID if you can. Often the default device ID includes the manufacturer’s name — which right off tells hackers what brand you have and since you haven’t changed it, that tells hackers all your home systems and devices may be vulnerable.

Note: if you do change your device or system ID, don’t use your name or address in the ID — that just makes you an easier target. Much better to have a nonsense name that doesn’t, for example, correspond to your favorite football team that’s also on your car bumper sticker. If hackers are scanning neighborhood network access points and see an address, their job is easier. Your job is to be invisible or undetectable from the crowd so they’ll hack your neighbors instead.

Stay up to date

Be sure you have updated hardware for devices like routers and access points that can provide an open door to all the other systems in your home. Hackers stay up to date on system and device vulnerabilities, so don’t be caught with an older, wide open device. At least be sure to update your components’ drivers, software, and firmware whenever advised by the manufacturer.

Secure your systems including your home network

Having an open network may sound neighborly so friends next door can share your Netflix account or other services. However, not only can you lose bandwidth (speed and capacity) for your own internet use, you can also be giving your neighborhood hackers and anyone who walks or drives by an invitation to take over your system. With network routers and access points, definitely select “secure” or “encrypted.” You’ll be offered security options in many cases, which assumes you know the difference. When in doubt, go with WPA2 if that’s on the list.

Stay off the net

Some smart home devices don’t rely on an internet connection in order to function. If you don’t care that your smart appliance can connect to the manufacturer for service monitoring, turn that feature off if possible. The fewer devices in your home that connect to the internet, the fewer open doors you offer to the hacking world.

Inexpensive devices can cost you

Be careful when choosing and buying smart home appliances and devices. Sometimes you can get a better price for what seems to be identical quality and function from a more obscure company. That savings may cost you, however, as the largest companies have the budgets needed to build, maintain, and update security factors. After last week’s DDoS internet hijacking, Chinese security camera maker Xiongmai Technologies said that its IP cameras were hijacked and used in the attacks, according to Krebs on Security. Xiongmai’s cameras are used by other manufacturers in their own devices.

Bruce Brown
Bruce Brown Contributing Editor   As a Contributing Editor to the Auto teams at Digital Trends and TheManual.com, Bruce…
Your PC’s security is being attacked on two new fronts
Person using Windows 11 laptop on their lap by the window.

Your PC is facing a double whammy of cyber threats, both of them built into basic Windows features -- one that exploits Windows search and another a Wi-Fi vulnerability.

The first vulnerability allows hackers to exploit search in what researchers have called a "clever" way, as reported by Trustwave. It begins when users are tricked into downloading malware, starting with phishing emails with malicious .ZIP attachments containing HTML files disguised as invoices or something along those lines.

Read more
Ecovacs Deebot X2 Combo vs. Dreame X40 Ultra: Which robot vacuum is best for your smart home?
The Ecovacs X2 Combo installed in a home.

The Dreame X40 Ultra and Ecovacs Deebot X2 Combo are both well-rounded robot vacuums. They bring heaps of functionality to your home, including self-cleaning docks, robots that can both mop and clean in a single run, and luxurious designs that blend with most home décor. All that doesn't come cheap, and you'll be spending well over $1,000 to get your hands on either robot. That means you'll want to carefully weigh your options before making such a hefty investment.

From vacuuming and mopping performance to pricing and additional features, here's a look at the Ecovacs Deebot X2 Combo and Dreame X40 Ultra to help you decide which is best for your home.
Pricing and availability

Read more
Ring Pan-Tilt Indoor Cam vs. Ring Stick Up Cam Pro: Which is better for your home?
The Ring Pan-Tilt Indoor Cam next to a smartphone.

The Ring Pan-Tilt Indoor Cam is one of the latest products from Ring. It allows users to control the camera remotely, giving them a simple way to see all corners of their home. It's also much more affordable than the existing Ring Stick Up Cam Pro, which offers plenty of cool features, but can't pan or tilt.

That makes it difficult to determine which is best for your home. Should you opt for the premium Stick Up Cam Pro, or is the Pan-Tilt Indoor Cam a better option due to its cheaper price tag? Here's a look at the two security cameras to help you decide.
Pricing and monthly fees

Read more