The news of cameras getting hijacked is not new and these examples exemplify the IoT security crisis. After reading through different publications it seems the user has to take the necessary steps to secure himself.
This article is designed to educate users on how to tell if the device is hacked and what next steps to take to secure themselves.
If you’re going to turn your home into a smart home using equipment connected to internet, you will have more security issues. The security professionals call it Internet of Things (IoT) security. IoT is defined as anything with a sensor that can transmit data over internet from one device to another device. Simply put, once you are connected to internet you are exposing yourself to threats, such as identify and data theft, denial of service, malware, ransomware, etc.
The hackers use very advanced special computer programs to breach a home’s WiFi and have access to data from the dark web to scan thousands and thousands of devices and systems in very short order to acquire the passwords, user information, etc.
How do I know if my device is hacked?
If you are already experiencing things like hearing a hacker’s voice, then you are already hacked. Tale tell signs are listed below:
- Abnormal camera movements
- Security settings have been changed
- Check security setting on WiFi devices
- The LED light in some cases is blinking
- Strange noises in the room
- There are some advance checks such as data flow, IP address checks, etc. and may need some technical expertise
If the camera follows you and rotates in the direction of your movement then it’s safe to say that someone is watching.
What are the immediate next steps?
First important step is to remove the source of power or remove the device physically and disconnect the internet connection.
List of safeguards to protect from future attacks:
The targeted people for the recent hack are those who reuse the same names and passwords on different devices, applications and social websites. Once these sites are breached, the hackers can steal user credentials and passwords. The same information can now be used to hack into the other accounts of the user.
From the security perspective, it’s important that you don’t rely on just one step alone and use the security in layers to protect yourself.
Safeguard WiFi – Some steps to protect the WiFi at home.
- Use of a strong password, stop sharing WiFi publicly, and guest WiFi must have a very strong password.
- The technical setting includes the use of encryption WiFi Protected Access (WPA2), disable SSID broadcast, secure your router and stop remote management, and limit the number of devices with the access networks.
- Check periodically to know what’s connected to WiFi.
Use a firewall and antivirus software – The devices connected to the network are exposed to threats such as malware, ransomware, etc. Installing a firewall on your home network and antivirus software can save you from such vulnerability.
Use a device that can’t be detached easily and require a lot of effort to remove – The device’s physical security is important, and hackers can simply come and unscrew the doorbell from the wall.
Device software updates – Within the device setup, look for firmware update status. Always keep the device software up to date. Updates contain fixes for vulnerabilities and the updated software would make your device less vulnerable to attacks.
Use of two-factor authentication – The process of two-factor authentication involves the use of the password and other verification such as getting the code via text message or email. This will provide an extra layer of protection. Ring customers can get extra security by having a password sent to the mobile number you provide.
Below are the two-factor setup steps for Ring Doorbell from Wired.com. To enable two-factor authentication on your account, open the Ring app, tap the three-lined icon in the upper-left corner of the screen, and go to Account > Enhance Security > Two-factor Authorization > Turn on Two-factor. Then enter your password and the mobile number where you’ll receive the SMS messages with one-time login codes. Then enter the first test code and hit Continue. Keep in mind that you need to add two-factor individually to every “Shared” and “Guest User” account.
Encryption – Use the device and installation company, which is well known and understand security requirements. Look for the reviews and speak with users known to you. Among other things is the use of encryption. The encryption makes it hard for hackers to attack.
Old footage – Remove the old data files to reduce exposure in case of a breach.
Also be careful of phishing attempts and sharing the user id and password credentials.