• Skip to primary sidebar
  • Skip to content
  • Skip to footer
  • Home
  • Subscription
  • The Magazine
  • Podcast
  • Contribute
  • Advertise
  • Contact Us

Circuit Magazine

For Security & Protection Specialists

Smart home technology is a rapidly growing consumer and business product. Here are some figures that show projections for the growth of these devices, as well as current numbers:

  • The U.S. is the largest consumer of smart home technology with a market volume of $23.5 billion in 2019 (followed by China with $12.9 billion and Japan with $4.19 billion).
  • Revenue in the Smart Home market amounts to US$23.5 billion in 2019 (up 15.4% from 2018).
  • The most popular products in 2019 are video entertainment (43%) followed by smart speakers (17.3%) and home monitoring and security (16.8%) while lighting and thermostat were lower on the list with 6.8% and 2.3% respectively.
  • Overall the smart home market is expected to grow from $76.6 billion in 2018 to $151.4 billion by 2024, at a CAGR of 12%.
  • Predictions suggest there will be 70.6 million smart home households by 2023 (nearly double from 34.8 million in 2018).
  • By 2020, more than 152 million cars will connect to the internet compared to 23 million in 2014. (Alt, K. (2019, October 16))

With this growth in smart home technology, it is increasingly more important that these items are secured against cyber-attacks. Specifically, this quote from IEEE Sensors Journal explains the challenges of modern homes: 

“In the past, an average home had to deal with common slash and grab criminals, while a modern home has to deal with sophisticated and tech savvy attackers who know how to find vulnerabilities and manipulate the security devices to gain access or cause distress to the inhabitants.” (Jose, A. C., & Malekian, R. (2017))

IoT devices

The devices in a smart home are known as Internet of Things (IoT) devices and the common factor among them is that they have some sort of connected communication. The IoT devices aren’t only used in private consumer environments, but in public enterprise and industrial settings as well. There are many examples of IoT devices. At the consumer level, it  might include garage door openers, smart hubs, thermostats, multimedia devices, lights, appliances, and door locks. In an enterprise application, one may think of an auditorium where when you press a button, the screen comes down, the audio system starts up, a PowerPoint begins, and you are ready to present with the once click of the button. In the industrial environment, the sensors used for manufacturing all talk to each other on an assembly line and  can help with precision manufacturing. 

This is the epitome of true automation with all of these devices connected and communicating with each other instantaneously. You wake up in the morning and tell your smart speaker “good morning” and the lights turn, the coffee pot starts, the thermostat gets set in the bathroom for a shower, and you are given the weather forecast of the day. While IoT devices are being connected and used at an increasing rate, the safeguards to keep them secure have lagged behind. Some devices may be concerning if a hacker takes control unknowingly to you. For example, if someone knows when your smart lights turn off every morning, they know you leave the house every day at the same time. Once they know that, they can then plan to break in. The FBI in 2015 gave out a Public Service Announcement to warn about the risks of IoT devices. The Alert Number I-091015-PSA gave some examples of devices that hackers have compromised.  These devices include medical devices, such as pacemakers and insulin dispensers, as well as security systems with indoor cameras. Each of these devices can cause injury if controlled or used by criminals.

Securing IoT

Securing the devices has been a challenge. Due to high demand, manufacturers introduced many IoT devices in short time frame. A 2017 article entitled Secure Smart Homes: Opportunities and Challenges, aptly summarized the challenges:

“In the last years, two more worrisome (from the point of view of security achievement) tendencies have appeared while building smart homes. The first one is the multiple connectivity to the Internet. This is caused by the cloud-based management of IoT systems as well as by the use of the cloud systems as collaborators of IoT, i.e., many IoT systems make use of the cloud for data analysis and storage.

The second tendency is the behavior of end users, who are becoming responsible for configuration of Smart Home functions including setting access passwords, granting access to devices or services (i.e., electronic door locks). This may cause security holes and instability in the Smart Home environment.” (Batalla, J. M., Vasilakos, A., & Gajewski, M. (2017))

Most IoT devices are consumer based therefore making them easy to operate and access while providing security is where most challenges come in. As with any device security, protecting devices needs to be done by both the consumer as well as the manufacturer.

There are a number of ways that manufacturers can secure their devices. These include gateway control, updates, notifications, and pushing secure access for the end user.  Gateway control is commonly used by the well-known manufacturers. For example, Phillips and Lutron both use gateways for their devices to connect to and the end user to connect through. Many companies also use Z-Wave as a gateway into their devices. Z-Wave is a gateway that provides a wireless signal that only other Z-Wave devices can connect to. Manufacturers also need to undertake frequent updates to address security concerns. There are vulnerabilities coming out all the time, so companies need to protect against them regularly. Companies that provide notifications back to the end user can provide a way to secure their devices. When events are triggered, the end user gets notifications, such as attempted logins, etc. Finally, the company needs to push best practices to the end user. This can include complex passwords, password changes, allowing the notifications, and two-factor authentication, as a minimum. 

The consumer also has a number of things that should be done to secure their IoT devices. The aforementioned PSA by the FBI suggests doing the following specifically:

  • Isolate IoT devices on their own protected networks;
  • Disable UPnP on routers;
  • Consider whether IoT devices are ideal for their intended purpose;
  • Purchase IoT devices from manufacturers with a track record of providing secure devices;
  • When available, update IoT devices with security patches;
  • Consumers should be aware of the capabilities of the devices and appliances installed in their homes and businesses. If a device comes with a default password or an open Wi-Fi connection, consumers should change the password and only allow it operate on a home    network with a secured Wi-Fi router;
  • Use current best practices when connecting IoT devices to wireless networks, and when connecting remotely to an IoT device;
  • Patients should be informed about the capabilities of any medical devices prescribed for at-home use. If the device is capable of remote operation or transmission of data, it could be a target for a malicious actor;

Ensure all default passwords are changed to strong passwords. Do not use the default password determined by the device manufacturer. Many default passwords can be easily located on the Internet. Do not use common words and simple phrases or passwords containing easily obtainable personal information, such as important dates or names of children or pets. If the device does not allow the capability to change the access password, ensure the device providing wireless Internet service has a strong password and uses strong encryption.

Cyber Crime

Batalla, J. M., Vasilakos, A., & Gajewski, M. (2017)

(INTERNET OF THINGS POSES OPPORTUNITIES FOR CYBER CRIME)

To take this a step further, there are other recommendations from an article from Wirecutter. It suggests making sure your Wi-Fi is secure. A part of that is buying a good branded router. They will help you setup and secure your router. The above mentioned UPnP also should be turned off on a well-known router brand. 

Device security uses a layered approach to making sure it is secured. The image below shows how a device might be logged into from the internet.

The devices will have a bottom to top approach with IoT physical devices sitting at the bottom and IoT services (login access) sitting at the top. Let’s say you have a light bulb it will sit on the perceptual layer. It may connect to a gateway that allows it to connect to the Network and Internet at the Network Layer. The Gateway, as well as the router it connects to, will handle opening ports, authentication into the network, and keeping it working. Next is support Layer, this is the actual communication that the devices manufacturer may setup to communicate into the device gateway of the device. Finally, there is the application layer, which may be an app on a smart phone or website. It will communicate with the support layer. The application should provide management and training to let end users understand the best practices. 

Conclusion

To conclude, having a smart home isn’t something that we even thought of 10 or 15 years ago. Now, however we can connect just about any device. Many IoT devices are a luxury, and you must weight the pros and cons for each one connected. For anyone connected to the internet, it’s not a matter “if” you will be hacked, it is “when.” It may be simply having a credit card stolen, but with a smart home it may be something much more invasive. Therefore, protecting yourself with good security measures for your accounts and all devices can help mitigate an attack if it were to occur to your smart home. 

 


Securing Smart Home Devices
By: Walter Hardy Spence, Jr

References
Alt, K. (2019, October 16). 16 Smart Home Statistics & Predictions. Retrieved from https://www.safesmartliving.com/smart-home/statistics-and-predictions/

Batalla, J. M., Vasilakos, A., & Gajewski, M. (2017). Secure Smart Homes. ACM Computing Surveys, 50(5), 1–32. doi: 10.1145/3122816

Cericola, R. (2019, April 1). How to Protect Your Smart Home from Hackers. Retrieved from https://thewirecutter.com/blog/how-to-protect-your-smart-home-from-hackers/

INTERNET OF THINGS POSES OPPORTUNITIES FOR CYBER CRIME, INTERNET OF THINGS POSES OPPORTUNITIES FOR CYBER CRIME (2015). Retrieved from https://www.ic3.gov/media/2015/150910.aspx

Jose, A. C., & Malekian, R. (2017). Improving Smart Home Security: Integrating Logical Sensing Into Smart Home. IEEE Sensors Journal, 17(13), 4269–4286. doi: 10.1109/jsen.2017.2705045

Tweet
Share
Pin
Share446
446 Shares

Buy The Latest Issue

Sign Up For News and Updates

We respect your privacy and will not share your information with anyone.
We will only message you when we have something relevant and of value to share with you.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Latest Issue

Circuit Magazine - Issue 66 - AI Armageddon

Issue 66

Buy Now

Latest Newsletter

Newsletter Sign Up

What you don't know CAN hurt you!

SUBSCRIBE

Latest Industry News

Ugandan Minister Killed by Bodyguard in Apparent Wage Dispute

A Ugandan government minister, Charles Engola, was shot and killed by his bodyguard early Tuesday in an apparent private dispute over wages, according to the army and local media. Engola, a retired army colonel, served as the junior minister in charge of labor in President Yoweri Museveni’s government.

Event

News - Circuit Magazine

Zelenskiy Denies Ukraine’s Involvement in Alleged Kremlin Drone Attack

Ukrainian President Volodymyr Zelenskiy has refuted Russia’s claims that Ukraine was involved in a drone attack on the Kremlin, which was allegedly aimed at killing Russian President Vladimir Putin. Zelenskiy stated that Ukraine fights and defends its territory, not attacking Putin or Moscow. The Kremlin reported that two drones were used in the attack but were disabled by Russian defenses.

News taken from Issue 65 of the Circuit Magazine

Bodyguard Saves Japanese PM from Pipe Bomb Attack

A bodyguard has been hailed as a hero for his quick-thinking actions during a suspected pipe-bomb attack on Japanese Prime Minister Fumio Kishida. Video footage captured the bodyguard kicking away a metal object as it landed near Kishida
before positioning himself between the Prime Minister and the device, shielding him with a collapsible, handheld ballistics shield.

News from Issue 65 of the Circuit Magazine

AlertEnterprise Reveals First-Ever Guardian AI Chatbot Powered by OpenAI ChatGPT

AlertEnterprise has unveiled its first-ever Guardian AI Chatbot powered by OpenAI ChatGPT. The chatbot will make its global debut at the ASIS Europe and ISC West trade events. Built on OpenAI’s GPT-3 platform, the Guardian AI Chatbot aims to provide security operators with instant access to critical physical access and security insights through quick questions and prompts.

James Bore's Cyber Security

Ways to See the Threat Before it Happens

Threat modelling is widely in use, whether knowingly or not, across every walk of life – and has been used since time immemorial to prioritise security defences. The only difference between the well-known risk assessments carried out by everyone and threat modelling in cyber security is the attempt to document and systemise it. I am hoping that this idea of formal threat modelling will be a useful tool for you to use in your future arsenal of available resources as a CP operator.

Close Protection advice

Keeping Your Edge: Building a Solid Foundation

Longevity, consistency and remaining relevant are some primary goals of all protectors. These factors are important when establishing a new contract and providing services for a new client. But what is equally important is the mindset that goes into those first days and weeks on the assignment. As such, I wanted to get the personal perspective of Vantrell Wilson, a close protection agent who I have trained with and worked alongside of for years now.

Technology in the security industry

Leveraging Technology in Industry Hiring

Increased global connectedness through technology is fast becoming the norm these days. Video conferencing and “face to face” meetings are happening daily in real-time across the world. As an industry that prides itself on having the edge over our adversaries, we are falling below our own standards when it comes to utilizing the technological resources at our availability to their fullest potential.

Global Risk Updates

Global Situation Report - November 2021

Global Situation Report – November 2021

Each issue our global geopolitical partner, Stratfor, provides an in-depth analysis of global incidents via in-house experts, cutting edge technology and through a comprehensive globally sourced network. Here is your summary from the last 30 days.

Popular Tags

armed attack Bodyguard business Celebrity client clients Close Protection Communication cp Crime Elijah Shaw EP Executive Executive Protection firearm firearms government gun Intelligence Law Enforcement Media Medical military News online police Prevention professional protect protection Risk Safety Security SIA Social Media Surveillance Technology terror Terrorism terrorist Threat Training VIP weapon

On The Frontline

Protection in an Environment Blinded by Corruption & Crime

Venezuelan Gold-Trafficking

The gold business in general is a haven for scammers, money launderers, traffickers, criminals and terrorists. It is an area rife for the services of a protection specialist since the coupling of unsuspecting investors, with sometimes, greedy buyers can lead to a lot of trouble and loss of money, property, and even lives.

What is Tour Security?

Tour Security is often thought of as a rather niche and unique area of security protection. Using the format of a question and answer session, Miguel DeCoste will venture to answer ‘what is tour security’ and how does it differ from other forms of security provision.

Jose Casillas

Foot Steps: Mike Brown

Mike Brown is one of those individuals who has found success as an operator by envisioning where he wanted to end up and trusting the process to take him there. In his time in the industry, he has earned his stripes and now reaps the rewards running a successful business and managing the protective detail for a very well-known public figure. I speak to Mike to learn some of his keys to success.

Follow us

  • Email
  • Facebook
  • Twitter

From The Archives

Global Situation report provided by Stratfor

Global Situation Report – September 2021

India: Modi Chairs U.N. Security Council Meeting on Maritime Security  Aug 10, 2021    Indian …

Continue Reading about Global Situation Report – September 2021

Global Incidents: 25 Apr 2014

Global Incidents: 25 Apr 2014   Critical Information Brazil: Fresh clashes in Rio over …

Continue Reading about Global Incidents: 25 Apr 2014

Working with a VIP doesn’t make you one

One of the best things about having the opportunity to write an editorial column in the pages of The …

Continue Reading about Working with a VIP doesn’t make you one

Due Diligence and Why It Is Required

The vast majority of problems people have with business deals, investments and their personal life …

Continue Reading about Due Diligence and Why It Is Required

Promoted Event

International Security Expo

Latest Podcast Episode

Latest Issue

Circuit Magazine - Issue 66 - AI Armageddon

Issue 66

As AI armageddon comes closer, the global challenge is discerning the line between innovation and oversight, particularly concerning decision-making biases and security implications.

Buy Now

Follow us

  • Email
  • Facebook
  • Instagram
  • LinkedIn
  • Twitter
  • Home
  • Subscription
  • The Magazine
  • Podcast
  • Contribute
  • Advertise
  • Contact Us

© 2023 Circuit Magazine · Rainmaker Platform

This website or its third-party tools use cookies which are necessary to its functioning and required to improve your experience. By clicking the consent button, you agree to allow the site to use, collect and/or store cookies.
I accept