In recent years, smart home technology has gradually become popular. However, if smart home products collect sensitive data that leaks and is exploited by criminals, it could threaten personal property and even personal safety.
What security risks currently exist in smart homes?
What are the technical principles behind them?
How can we prevent smart homes from infringing on personal information security?
Recently,
reporters conducted an investigation on this topic.
Convenience comes with security risks
which may lead to user privacy breaches and property losses.
In 2021, a certain brand of smart speaker was reported to have vulnerabilities, allowing attackers to remotely control the device through Bluetooth protocol vulnerabilities, enabling them to listen to users even when the device was turned off.
Photo by Wu Xiaoli
Similar risk cases abound in daily life:
👉 Hacking the Bluetooth communication link of a smart toilet to initiate a connection via Bluetooth, controlling the opening and closing of the toilet lid, and automatic spraying;
👉 Infiltrating smart sockets to remotely turn on heating devices and electric irons;
👉 Capturing Bluetooth signals to crack smart lock passwords, leading to device unavailability through remote malicious operations;
👉 Home cameras can become live streaming windows for hackers.
Yang Huaiyu, an analyst in the consumer industry, stated
“Smart homes mainly have three aspects of security risks.”
First, many smart home devices may have security vulnerabilities, allowing hackers to remotely control devices, steal user personal information, and damage home equipment;
Second, smart home devices typically communicate over the internet, and if network security measures are inadequate, hackers may exploit network attack methods to disrupt device communication functions or even control the entire smart home system;
Third, smart home devices store user personal data, and if the security protection of the device or cloud service is insufficient, hackers may exploit security vulnerabilities to steal data, leading to user privacy breaches and property losses.
In addition to the above risks, white label products (usually referring to products without brand identification or with unclear identification) connecting to unofficial platforms are considered another major cause of security risks in smart homes by industry insiders.
Sun Hao, Vice President of 360 Smart Life Group, told reporters: “Currently, there is still a prevalence of white label products in categories such as smart cameras and smart locks. These products, due to having cameras and audio-video recording and transmission capabilities, have high requirements for platform capabilities and operational costs. Many white label products connect to unofficial cloud platforms, posing significant security risks in terms of platform stability and security.”
Risks on official platforms are relatively controllable
There are tips for selecting and using them
Yang Huaiyu analyzed: “Smart home devices generally connect to home networks or other devices through wireless communication protocols (such as Wi-Fi, Zigbee, Bluetooth, etc.) and process data through the cloud for remote control. If these communications are not properly encrypted or have software vulnerabilities, they can be easily exploited by hackers.”
Sun Hao stated: “The cloud platforms for smart homes have similar communication encryption and privacy handling mechanisms as traditional internet platforms, and the risks of official IoT platforms are relatively safe and controllable.”
Risks on official IoT platforms are relatively safe and controllable. Reference image
How can consumers prevent smart homes from infringing on personal information security?
Experts believe
that attention should be paid to both purchasing and usage aspects.
Purchasing:
Consumers should choose reputable brands when buying smart home products, prioritize compliant devices from official sales channels, and select products that have passed national security certifications. Currently, the smart home hardware industry is mixed, and there are still many white label products for sale on e-commerce platforms, especially in categories like smart cameras and smart locks, where the proportion of white label products is high. Consumers need to be cautious in distinguishing them when making purchases.
Usage:
In terms of usage, consumers should strictly control the permissions granted to corresponding apps and cloud services. Without any prompts or explanations, consumers should not blindly grant usage permissions.
Consumers should regularly update software drivers, patch known vulnerabilities, and enhance security;
Use strong passwords and two-factor authentication to increase account security and prevent hackers from cracking passwords;
Limit network access, hiding smart home devices within the home local area network and restricting external access;
Use encryption methods to ensure that communication and data transmission between devices are protected by encryption technology;
Avoid using public Wi-Fi;
Turn off unnecessary features, reducing potential security risks;
Properly set privacy permissions, turning off unnecessary data collection and sharing permissions.
Produced by the New Media Editorial Department of China Consumer News
Source: /China Consumer News · China Consumption Network
Reporter: Wu Xiaoli
Editor: Li Xiaoyu
Supervised by: He Yongpeng, Ren Zhenyu
Internet News Information Service License: 10120170022Report illegal and harmful information: 010 – 88315438
