While most Americans were trying to take advantage of Black Friday sales last weekend, hackers in South Korea pulled off what is perhaps the most damaging hack in smart home history. The as-yet-unidentified hackers recorded photo and video from more than 700 different apartment complexes and held it ransom or sold it outright for Bitcoin.
The entire incident is the stuff of nightmares — the realization of fears about the smart home industry and what it means to allow cameras and other recording devices into the home without sufficient safeguards in place.
Does this mean you should disconnect your devices? Absolutely not. This most recent hack is the culmination of a comedy of errors. Many of the affected apartment complexes operated on a single subnet, which meant hackers only needed to break through a few firewalls to gain access to the entire building. In South Korea, many buildings have built-in smart home tech, and this tech was the target of the attack.
In the United States, you have a firewall through your router. All of your smart home devices have layers of protection that make them difficult to penetrate. While there is no such thing as a hack-proof device, the chance of someone actually breaking into your smart home devices is highly unlikely.
Smart homes have been hacked before
Hackers have broken into smart home technology before. In 2018, a hacker contacted a man and — nicely, if you want a silver lining — informed him that his information was vulnerable. He did so through the man’s Nest IQ Cam.
In late 2019, a woman went to the CBSN Los Angeles station because someone had hacked into her Ring security camera and made explicit comments toward her. Another instance took place in that same period, but this time the hackers were speaking to an eight-year-old girl in her bedroom.
The situation grew dire enough that a class-action lawsuit was filed against Ring in 2020 to force the company to address the problem.
These kinds of events are terrifying in the best situations. Even if it isn’t a malicious act, a bit of messed-up code can throw a wrench in the way smart homes work. Earlier this year, Eufy accidentally showed users the inside of other people’s homes. According to the company, this error occurred during a software update and was quickly resolved.
There have been other instances, too. Google came under scrutiny for sending its Google Assistant recordings to a third-party company for transcription. While the company uses this information to improve the responsiveness and understanding of its smart assistant, users have an expectation of privacy that wasn’t met.
What you can do
Even though instances like this are incredibly rare, it’s still unsettling to think about. You aren’t powerless against a malicious hack, though. There are steps you can take to better secure your smart home and reduce the likelihood that anyone will gain access to your network.
Smart home companies have already taken steps to lock down their devices. Many have implemented optional two-factor authentication, while some companies even require it in order to use the device. This one step is often all it takes to lock someone out of a device, and the best part is that it’s easy to set up.
More and more companies are coming around to the idea that physical privacy shutters are a must-have with regard to security cameras. It’s one thing to be able to disable the camera from within the app, but a solid piece of plastic blocking the lens brings more peace of mind.
Enabling two-factor authentication and using cameras that allow you to physically disable the lens are two easy steps, but that’s not all you can do.
Bolster your passwords
Improve your password to your devices. Don’t use the same password to log in to your security camera that you do for your Gmail account, and try to vary usernames between devices. Using the same login is convenient, yes — but it’s also a security risk.
You can take this even farther by deleting your smart assistants’ recordings. The last thing you want is for it to accidentally overhear a discussion about your finances or your bank account number.
The South Korean hack will leave many people wary of smart home technology for a long time to come, but the truth is that this sort of event is exceedingly uncommon. If you take the time to utilize all of the privacy tools available in modern smart home technology, you don’t have much to worry about.
