DIY Cybersecurity: Staying Safe among Smart Solutions in the Age of IoT

“The saddest aspect of life right now is that science gathers knowledge faster than society gathers wisdom” – Isaac Asimov.

This quote fits in the context of smart home technology, where the appeal of ease and control leads to forgetfulness. As we make our homes increasingly interconnected, the pace at which we discover the risks associated with these technologies falls behind.

As technology evolves rapidly, smart home appliances are becoming essential tools for many. However, the act of robustly safeguarding these systems can be neglected entirely. How can we address this?

Knowledge is key.

So, let’s take a look at network protocols.

Wi-Fi, specifically IEEE 802.11, is the most common protocol. It provides the high data throughput necessary for devices like smart hubs and cameras, but its ubiquity also makes it a prime target for cyberattacks; ensuring robust Wi-Fi security through encryption, changing default credentials, and secure SSID management is vital.

Mesh networking has found its footing among smart appliances. Zigbee and Z-Wave are two other popular protocols used in smart home devices. These low-power, mesh networking protocols are favored for smart lighting and sensors, as they can operate on low wireless frequencies, limiting interference with Wi-Fi networks. Both protocols encrypt communications, but their security largely depends on proper device authentication and network segmentation; if you’ve never heard of subnetting, now is a good time to check it out!

Another common protocol is Bluetooth Low Energy (BLE), which is often used for device setup or close-range control. Its short-range communication reduces exposure to remote attacks. However, proper configuration and regular updates are essential to prevent local exploits.

Thread and Matter are emerging standards that promise to enhance the security and interoperability of smart home ecosystems. Thread is an IP-based, low-power, mesh networking protocol for secure and scalable home networks. Matter, which builds on existing protocols, aims to unify smart home ecosystems across brands, making it easier for devices from different manufacturers to communicate with streamlined security.

Securing the communication and data flow between smart devices is a critical aspect of cybersecurity. These devices connect to the home network either directly via Wi-Fi or through a hub. After being assigned an IP address, the device is discoverable and generally able to communicate in the network. Device discovery protocols enable devices to find and communicate with each other locally; however, limiting the scope of device discovery and monitoring network traffic for unusual patterns helps mitigate risks. Home monitoring solutions range from open-source SIEM technologies like Wazuh, to proprietary software like Microsoft Defender. Regardless of your ecosystem and the extent of your smart home technologies, every network should be monitored for inconsistencies.

The security of smart home appliances hinges on several key practices. Encryption, authentication, and regular updates can already get you quite far. Ensuring that all devices use the highest available encryption standards and are set to receive automatic updates helps protect against new threats.

Achieving seamless integration while maintaining security requires careful planning. Connection hubs should be attached to a firewall. Cloud services offer convenience but also introduce latency and potential privacy risks. Opting for local control can reduce the dependency on external servers, enhance privacy, and improve response times. Networks should be securely configured and isolated from less secure IoT devices.

To summarize:

– Change default credentials!
– If you can, segment your networks!
– Encrypt communication!
– Use strong passwords and 2FA when available.
– Limit access: If internet access isn’t crucial, disable it.
– Schedule updates!
– Learn how your devices really work: what data they save and what data they share. This will help not only with your smart home integration but also with adapting to the ever-changing digital landscape.

While Asimov’s words seem to ring eerily true, more so with every passing day, let’s finish this piece with another, more optimistic take from him.

“The greatest weapons in the conquest of knowledge are an understanding mind and the inexorable curiosity that drives it on.” – Isaac Asimov, A New Guide to Science, 1984.

May these qualities make the digital future a safe one for us all.

Cyber-resilient Kymenlaakso project is co-funded by European Union via Regional Council of Kymenlaakso from Just Transition Fund (JTF) of the European union.  Project duration is 1.9.2023–31.12.2025.