Connected cameras and other smart-home devices promise a Jetsons-esque future. But as arecent hijacking of more than 100,000 networked cameras and DVRs demonstrates, they also provide fertile ground for hackers.
“You should make the assumption that anything that’s internet accessible is hackable. If it has a camera or a mic built in, it can be taken over,” said Kenneth White, a security researcher and director of the Open Crypto Audit Project, a nonprofit that promotes cybersecurity.
To protect yourself, you have to have the right perspective. “You need to take this seriously, but not be afraid of it either,” he said. Once you accept that hacking happens, embrace the security at your disposal. Here are some easy tips to help you step up your smart-home defenses:
Research before you buy.If you’re shopping for any smart-home device, search online to see how often its maker issues security updates, and how open they are about security vulnerabilities when they do inevitably happen. If they don’t talk about security, that’s a red flag. And the less you pay, the less protection you can expect. “If the camera is $50 or $99, its security features are going to be bad,” said Mr. White.
Update the firmware.Use the instructions that come with the device. (Often, you can do this with the product’s app.) Even update a brand new product, because this can change day to day. If the product has an auto-updating option, use it. Set a calendar reminder every month to check for updates on all of your cameras, thermostats and other smart home products.
Change the password.The best bang-for-buck hackers get is from trying the default username and password for popular devices thousands of times over. It is best to use secure passwords, and to not use the same password for all your devices and accounts. (If you have trouble coming up with good passwords―and remembering them―a password manager like Dashlane can help.
Secure your router.That means updating firmware, changing the default admin login and choosing a new strong unique password. While many products such as cameras have online logins that your router can’t defend against, it never helps to leave your network’s front door wide open. If you don’t already have your Wi-Fi security set to WPA2 , do it now. All new gadgets will support it. (If it doesn’t, don’t buy it.)
MoreOne-Hour Security Drill: Five Steps to Being Safer Online
Are DIY Home-Security Cameras Smart Enough?
Does Your Whole Home Need Antivirus Now?
A Quick Fix for Poor Passwords
Create a network for devices.To be extra careful, use a newer router to create a separate Wi-Fi network that only your smart-home devices use. This keeps them from falling prey via vulnerable PCs. Also, if a smart-home is compromised, it won’t give hackers access to your home computers.
Point your cameras with care.Assume that your internet-connected cameras could be hacked. That means you should limit the number of cameras you have pointing inside your home, especially in bedrooms. And if you don’t trust yourself to keep your connected video baby monitor up-to-date, best to buy an old-fashioned audio-only one.
Ask your service provider.If you have an installer for home security and automation, be it ADT or a local firm, ask your provider about firmware updates. Often, providers will ensure that their hardware is updated. However, if they say you are responsible, ask for detailed instructions.
Buy new hardware.Some older gadgets will simply leave you vulnerable, especially if you don’t have network-engineering know-how. Newer products have smarter security features and are easier to keep up-to-date. “If the company that made your [device] isn’t selling that model anymore or offering security updates, that’s a good sign for you to throw it in the trash,” Mr. White said.Write toNathan Olivarez-Giles at Nathan.Olivarez-giles@wsj.com