Most of us know that we need to protect our computers from hacking, identity theft, and other security hazards. But now that more and more everyday items in our households – from light bulbs to washing machines to baby monitors – are connected to the internet, we need to make sure that these items are secured as well. Because they’re not.
Unfortunately, Internet of Things (IoT) devices are notoriously unsecure, and a troubling investigation by hacker, Limited Result, reveals that some IoT devices are not only potential targets when connected to your home internet network, but could even pose a security threat after you’ve thrown them in the garbage.
Limited Results investigated several budget smart lightbulbs and found that many of them have no security features protecting the information held on the microchips inside the bulb.
Some lightbulbs could be taken apart, and the chips removed and hacked to reveal unencrypted data, including the Wifi password for the network to which it had formerly been connected.
“Seriously, 90 percent of IoT devices are developed without security in mind. It is just a disaster,” Limited Results told TechCrunch.
There were other safety issues beyond the security of personal data. Limited Results also found that inexpensive smart lightbulbs were so cheaply-made and poorly insulated that they posed a serious risk of electrical fire.
So how can you make sure your IoT devices are secure?
For starters, don’t just go for the cheapest version available. Although there’s no guarantee that the top dollar devices are secure either, be mindful of installing smart devices outside of your home. For example, you may want to sacrifice being able to tell Alexa to turn on your porch lights. Dispose of smart light bulbs carefully, and don’t donate them to second hand stores.
Another option is to create a subnetwork or guest network for your connected devices. And as always, make sure everything is password protected and change your password often. Especially your wifi passwords.
The conveniences of IoT devices need to be weighed against the potential security risks, at least until IoT manufacturers create regulations and standards for security.