Smart Homes Keep Getting Hacked! Secure Your IoT With These Simple Steps

Want to make your Home Network more secure?! These 9 steps make it really easy to do so.

Earlier this year, the NSA published an “information sheet” about how to secure your home network. Why does that matter? Well, the NSA often times is on the forefront of attacks, so they often put out warnings about current hacks or threats that we, as consumers, should be aware of.

But if you didn’t read it - I don’t blame you it was pretty boring. Here are my favorite tips from their PSA but also some of my own. Check out the other videos on my channel to start your own solid security foundation.

This video is sponsored by DeleteMe, so stick around for a great discount and find out how you can scrub your data from the internet the easy way.

1. First, smart home devices, like smart doorbells, locks, cameras, even smart TVs, lights, plugs, etc are often the weakest security link in your home network. If one of those products can easily be hacked, then a hacker could pivot from your weak smarthome product to the rest of your network. After watching this video, go back to my Smart Home Security Tips video and run through those steps to ensure all those devices on your network are secure. Using hardware mic mutes or video shade covers on these devices can also prevent eavesdropping if they do get hacked.

2. Use an updated and modern operating system. If you have a computer at home - use something like Apple’s MacOS or Microsoft’s Windows or even a Linux distro. While Windows is the biggest culprit for security vulnerabilities, you can set your OS to auto update in the middle of the night when you aren’t using your PC. If you prefer not auto updating - set a calendar reminder to check for updates once a month or so. These companies push patches out really often to fix security issues, so using an old no-longer-supported OS can leave a huge opening for an attacker. You can do the same thing for your iPad or android tablet, laptops, smartphones, and smart home devices - updating frequently is one of the best ways to protect your network from getting compromised.

3. Updating your web browser helps with any security threats that target this software as well. Since cookie-based attacks have been on the rise, logging out of online accounts now and then, and closing your web browser completely can also prevent malicious actors from having access to your accounts.

4. Enable anti-virus and anti-malware security software wherever possible. In newer operating systems, sometimes this is offered for free through the OS - so you don’t have to download a third party Anti virus program. But if you prefer a third party option, or if you need more protection, plenty of these exist for consumer devices. Personally, I use the built in AV for my OS, but I also use anti-malware software and I have good online security hygiene to spot potential issues before they ever reach my device. A holistic approach to security is important, as just implementing one of these tips but ignoring the others won’t protect you in the long rum.

5. Speaking of holistic approaches, here’s a step you can take online to protect your data - which can prevent phishing campaigns from using your personal data against you. Because you can protect your home network all day but if your data is already online, it’s easy for anyone to find it. Data broker websites make our data easily searchable and publicly available - that’s data like your full name, home address, phone number, email address and more. Yes, you can totally go to each of these sites one by one, find your data, and request that they remove it, but that could take days every month to do because there are so many data brokers out there - there’s actually hundreds. So I signed up for DeleteMe many, many years ago as a paid customer, and they take the hassle and stress off my shoulders. DeleteMe sends those opt outs so I don’t have to do it myself and they keep checking the data brokers to make sure any data found is scrubbed.

   If you’re sus about trusting a company to do this work for you, DeleteMe does provide contact info for questions, and they have detailed public info about how they protect your data themselves.

   So if you are ready to take control over your data online, of maybe you’re looking for a smart Christmas gift for someone who needs better online security, especially that phone number, check out joindeleteme.com/morsecode to get 20% off any of their consumer plans with the coupon code SNUBS, which will automatically apply at checkout. That’s joindeleteme.com/morsecode and 20% off with coupon code SNUBS. Thanks to DeleteMe for sponsoring this episode!

6. While we’re on the subject of updating, where is your modem and router? That lil box that feeds your house internet? Don’t ignore it after you’ve set it up - log into the administrator account, make sure you aren’t using a reused or default password, upgrade the settings to WPA3, turn on any firewall recommendations, and check for updates. Turn off remote administrative privileges or access if you never need to log into your devices when you’re away from home. Better yet, check with your ISP to see if you can buy a third party wifi router and modem for your account, especially if you’re renting one from them. ISPs will commonly give you devices that are slow or poorly secured, so using your own router and modem can offer better security on top of saving you some money.

7. Create separate wifi networks for your work machines or computers, your smart devices, and your guest network. This is what I do on my “modem” and router setup, and that ensures that guests won’t infect my computers with anything they might bring into the network, and smart devices are segmented away on their own network. This creates a barrier between each group of devices, and can stop an attacker before they reach your entire setup.

8. Use the administrator account on your computer only for installing software, firmware updates, and patches, or for network maintenance. Use a regular “user” account for day to day stuff like web browsing and entertainment and gaming. If an attacker does get access to your machine while you’re logged into a USER account, this can help prevent them from accessing or making malicious changes to your network. Some hacks do occur that allow attackers to level up from a user to admin and get persistent access, but not all hacks work the same - so this can be an effective protection.

9. Reboot your devices from time to time to trigger updates if these aren’t automatic. This can also help with any malware or virus implants that don’t live on through a power off cycle - some do and we call this “persistence”, but if a virus or malware can’t survive a power cycle, this can remove an infection - just keep in mind it got there somehow, so implementing the rest of this video is important. If you’re going on vacation, turn off anything you won’t need to have access to while you’re gone.

While these are just some of the networking tips the NSA has recommended, I’ve got soooo many more that you can watch on my channel, and I’ve linked their full info sheet below in case you want to read it. Bye yall!