Hangzhou Xiongmai Technology, a Chinese component manufacture whose technology is used in digital video recorders and cameras, said in an email to tech industry publications Sunday that the attack appeared to have exploited security vulnerabilities involving weak default passwords in its products.
That doesn’t ease the minds of millions of people who connect to the Internet of Things (often abbreviated as IoT) on a daily basis.
Kari Giordano’s family uses smart devices for cameras, lights, music and thermostats and the garage door.
“It’s like a contradiction, because you’re doing something to keep yourself safe and you’re opening yourself up to who knows what,” Giordano said. “It’s disconcerting. It’s frightening, especially with kids.”
Cyber attacks on smart-home devices are expected to grow exponentially in the coming years. According to Gartner, a technology research company, an estimated 6.4 billion connected devices were in use last year. By 2020, that number is expected to more than triple to 20.8 billion devices.
York encouraged consumers to think carefully about what and when they connect devices to a cloud or even to the internet in general.
“Think of a domain name or website as the same as a storefront of a brick-and-mortar store, and think about all the things that go into that store,” he said.
“It’s the electricity, it’s the plumbing, it’s the flooring, it’s the heating, it’s the sale systems, it’s the filing cabinets,” York said. “If you think about it in a real physical way, behind every website on the internet, it’s the same thing.”
To protect your privacy and security, experts recommend:
• Learning how your connected devices work and determine whether they’re internet-enabled.
• Follow security instructions to change default passwords on all devices (including those that may not have obvious passwords).
• Update hardware with the latest software and consider using an internet hub at home for any smart-home hardware