Affiliate Disclosure: By buying the products we recommend, you help keep the lights on at MakeUseOf. Read more.
When you think of smart home hacking, you probably don’t think of Burger King. In fact, you might not think about smart home hacking at all. Why would someone want to get into your thermostat or your doorbell?
But, smart home security is a big deal. And Burger King recently showed us why.
What, Exactly, Did Burger King Do?
Essentially, Burger King hijacked smart home devices in numerous people’s homes by broadcasting an audio signal through TVs. This kind of security breach is something homeowners interested in smart devices have been worried about for some time.
The description sounds more nefarious than the event itself. In one of Burger King’s commercials, an actor says, “Ok Google, what is the Whopper Burger?”
In homes currently equipped with a Google home system, this command triggered a number of devices to look up information on the Whopper.
Is this a huge violation of privacy? Not really.
Should it make you nervous about smart home security? Absolutely.
Burger King — the last company you’d ever expect to intersect with the smart home industry — showed us that our smart home devices are more vulnerable than we think. It’s one thing to have a highly secure router protecting your devices. It’s another to have them taken over by a simple question asked in a commercial.
Is This a Big Deal?
This little prank seems harmless. And, for the most part, it is.
Within three hours, Google put a stop to the prank by preventing Google Home from reacting to the sound clip from Burger King’s commercial. Wikipedia also had to put a quick stop to pranks by locking down specific editing privileges – the page listing the Whopper’s ingredients received additions ranging from ‘toenails’ to ‘rats’.
But what if the next company to take over your smart home devices thinks it would be funny to tell Alexa to order their newest product? Or, what if a would-be thief figures out how to send an audio message through the speakers of your computer or phone?
That would be significantly less harmless.
The take-away from this experience is that voice-activated smart home tech has some weaknesses that we haven’t totally thought through yet. We know how to protect our home Wi-Fi networks, and that goes a long way toward protecting our smart home gear. But there are other points of entry that we need to think about.
You may want to give these weak links some thought before you fill your home with Alexa or HomeKit gear. Smart home tech has developed very quickly, and it’s really cool. But, it’s still in the early phases of adoption – and that means there are plenty of key security strategies we haven’t figured out yet.
Of course, there’s always the potential for traditional hacking as well. Many smart home devices could do some serious damage if hacked. Imagine someone deactivating your window opening sensor, or turning off your fire alarm. Any kind of smart home security breach could place your family, belongings, and home at serious risk.
How to Protect Your Smart Home
We’ve established that smart home tech is vulnerable. So, what do we do about it?
First, secure your home network. You should be doing this anyway, but it’s especially crucial when you have smart home gear set up. Change your router’s default password. Use a strong password for your Wi-Fi. Enable your firewall. We have tons of tips to quickly secure your network, and you should do them as soon as you can.
Second, secure your phone. Because your phone controls so many smart home devices, it’s a potential access point to your home. This means that if your phone gets stolen or hacked, you could be in serious trouble. Make sure you have a secure PIN or fingerprint lock enabled. As well, consider using privacy and security apps that let you track and lock down your phone after you lose it.
Third, use strong passwords for your devices. Your smart home devices will almost all connect to the internet somehow. And that means there’s the possibility that someone could try to access them remotely by guessing the password. Fortunately, using good password management practices makes this extremely unlikely.
Fourth, use a unified threat management (UTM) device. This can get expensive, but if you have a lot of smart home devices doing important things (such as locking your front door, or securing your windows), it’ll be worth it. These are physical appliances that pack a lot of anti-attacker tech (like this WatchGuard Firebox). They’re usually used by businesses and other organizations housing sensitive data, but it’s not a bad idea to invest in one for your home.
Fifth, update everything. We say this about other kinds of devices all the time, and the wisdom holds true for smart home stuff, too. Firmware updates on your devices will make sure they’re better prepared to handle new threats as they arise.
Finally, check Shodan. Once you’ve gotten everything set up, use Bullguard’s internet of Things scanner to see if your device is listed on Shodan, a search engine for publicly accessible IoT devices. If your devices are listed, check your preferences and go through the above list again.
How Do You Secure Your Smart Home?
Smart homes are great. They can save you money, keep your home secure, save you time and effort, and indulge your geek tendencies in a very useful way. But they can also be a bit of a hazard, as Burger King’s recent misstep showed.
The truth is, you can never be totally sure that your home is safe from every threat. But, by using the tips above, you can take steps in the right direction.
Do you use smart home devices? How do you secure them? Have you ever been hacked? Share your thoughts in the comments below!