Smart home security systems have undoubtedly revolutionised the way we safeguard our homes, offering a sense of control and enhanced safety. However, as with any technology, the security of these systems is of paramount importance.
Security devices for smart homes are readily accessible and being more commonly integrated into South African households. These include motion-sensing cameras, lights, alarm systems, smart door and window locks, video doorbells, and Wi-Fi baby monitors. Moreover, smart home hubs or controllers such as Google Nest, Apple HomePods, or Amazon Echo enable users to control them.
However, the very technology that brings convenience and a sense of safety could also be the weakest point in home security, warns Doros Hadjizenonos, regional director at Fortinet.
“Hackers might access your network or device. The most common use case we see is when hacked devices are used to launch a DDoS attack on organisations. However, it is also possible for hackers to use these devices to steal data, spy on people, or even unlock all the smart locks and simply walk into your home,” he says.
To mitigate these risks, Hadjizenonos recommends implementing proactive measures, such as not connecting home security devices to a smart home hub. This precaution aims to prevent potential control of the hub or external instructions that could compromise the security of the home.
He explains that IoT devices such as motion sensors rarely have the computer capacity for installed security software and many have passwords hard-coded into their firmware, which makes them less secure.
For this reason, in April 2024 the United Kingdom became the first country to ban weak or easily guessable default passwords, such as “admin” or “12345”, from IoT devices. The EU’s Cyber Resilience Act (CRA) will also include a similar requirement for better default security. IoT devices imported to South Africa from the EU will be required to comply.
It’s important for consumers to fully secure the network that IoT devices connect to and protect the router with a complex password. Users should also password-protect their mobile phones or tablets that are used to control smart home devices to mitigate the risk of loss or theft.
Maintaining a cautious approach towards inexpensive, insecure connected gadgets is vital, Hadjizenonos stresses. “Choose devices with solid security standards, encryption and multi-factor authentication in place, and be wary of cheap, insecure connected gadgets.”
He says it is also important to check for device security updates and install them regularly, if the devices do not do so automatically. “To protect every device individually would be difficult, therefore you should create a separate virtual local area network (VLAN) for your security devices,” he adds.
As the prevalence of smart home security systems continues to grow, so too does the necessity for an increased focus on cybersecurity. “As cybersecurity specialists, we believe in the power of technology we enable it and want to make it secure. However, people still remain the weakest link in the chain. That’s why we offer free training on cyber security fundamentals to help people mitigate risk.
“It is through awareness, vigilance, and a commitment to staying informed that individuals can navigate the growing landscape of smart home security with confidence and peace of mind. By implementing these recommended measures and maintaining a proactive approach to security, homeowners can take meaningful steps towards ensuring the safety and security of their smart homes,” Hadjizenonos concludes.