In research conducted by the Pradeo Lab on around a hundred IoT mobile applications, some serious Smart Home vulnerabilities were revealed, bringing us back to the question on how secure are we in this rapidly transforming world of connected devices?
The research proved that the smartphone apps used to control the connected devices, such as baby phones, thermostats and electric binds, are difficult to take over, which is positive to hear, however the data stored on these kinds of devices can easily be bought, raising yet another red flag over data privacy.
Another point worth considering is that the research has only included apps that were available on the Google Play and App Store, clarifying yet again that apps on official stores may be free from malware but not unsusceptible to future cyber attacks.
Vulnerabilities found in these apps
Before diving into the specifics, let’s be clear, on a shocking finding; 80 out of the 100 tested apps carry at least one category of vulnerability, clearly implying that as many as 80% of your connected devices are susceptible to cyber attacks simply through the mobile apps you’re using to control.
Out of all of these vulnerabilities, 15% belong to the ‘Man-in-the-middle attack’. It means that some cyber criminals can easily get a middle access in the network and change your command and the device’s output before it reaches the other end.
8% of the apps are also sending data to uncertified servers, some of which have expired and are available for sale at present. Which means now anyone who buys these servers may absolutely have free and unrestrained access to the data stored inside.
In addition, almost 90% of the data sent by these applications get leaked into the network. Most of the leaked data is seemingly harmless, similar to the devices and phone network information, but it also includes private information like IP addresses, IMEI numbers, video and audio records, and geo location.
Though the concerned companies were notified of these issues, hopefully they will also take the necessary actions, but is that all that’s required to ensure a safer and more secure connected world?
Certainly not, and this research has only found the susceptible areas in terms of controlling mobile applications, which constitutes only a small fraction of your connected devices’ network. So what are similarly helpful actions you can take in order to create a more secure smart home or at least to minimize the risks involved?
How To Secure Your Smart Home?
It’s understandable that the journey to a completely secure smart home is a long one, but that doesn’t entail we couldn’t take the necessary measures ourselves. Stay safe and stay connected.