Nothing is more valuable to you than your family. And nothing is more precious to your family than your home.
So, you keep it secure. You have deadbolt locks on your doors and latches to secure your windows. Why? To keep the bad guys out. You'd never hand a copy of your keys to those criminals, would you?
Of course not. Unfortunately, as it turns out, a new wave of Internet-connected devices in your home are letting hackers easily break into your home, and put your family at risk. It's like handing over a copy of your keys to them.
A team of university researchers found major security gaps in the No. 1 Internet-connected gadget, Samsung's SmartThings. But these dangers apply to anyone with Internet-connected appliances and other smart gadgets.
"I would say it's OK to use these as a hobby right now, but I wouldn't use it where security is paramount," University of Michigan professor Atul Prakash told Phys.org.
These researchers proved there are at least four scary ways hackers could bypass your smart-home gadgets to get into your home, or manipulate the gadgets in it. It's important to note that their experiments were performed on real SmartThings systems. Samsung is aware of the security flaws and they're working on fixes.
The overriding problem is when more than one Internet-connected devices are networked together and remotely accessed. For example, you probably use your smartphone to open your garage door, turn the thermostat up or down, and much more.
Note: To put this risk in perspective, just one of Samsung's SmartThing apps, on Android smartphones and tablets, has been downloaded 100,000 times, so people can remotely control their home and appliances. But there are at least 500 third-party apps in the SmartThings store.
Here are four ways the researchers proved that hackers could break into your home:
- Stolen PIN: They used a lock-pick malware app to remotely copy a person's personal identification number, then texted it to a hacker
- Remotely create spare key: They were able to create a second PIN to allow burglars to open your front door
- Turn off vacation mode: The researchers were able to remotely control a SmartThing users' lights and other Internet-connected systems you use to deter burglars
- False alarm: They were able to remotely set off your Internet-connected fire alarm
So, what can you do to stay safe if you're using Internet-connected home appliances and gadgets? Limit the number of gadgets that you network together, according to these researchers. And don't get too accustomed to the convenience of remotely controlling your home from your smartphone.
As one of the lead researchers in the study said: "Letting it control your window shades is probably fine."
The point is, to be safe, you may want to delay connecting your home's devices to the Internet, until Samsung and other manufacturers dramatically improve their systems' safety features.