Smart homes: Wise choice or hacker haven?

Smart homes: Wise choice or hacker haven?

Smart homes tout convenience and the ability to remotely monitor those at home. But are these benefits at the expense of consumer security?

Members of the public can download the smARt Nation app on their mobile phones and use augmented reality to experience the "possibilities of a Smart Nation". (Photo: Winnie Goh)

SINGAPORE: Mark Rittman wanted a cup of tea at home in the UK one morning, and called on his digital assistant, Amazon Echo, to turn on his Wi-Fi-enabled kettle to boil the water needed for said tea.

It eventually did, 11 hours later, no thanks to the fact that the kettle could not “speak” with the digital assistant.

This is but a snapshot of the use of “smart”, connected devices that will become increasingly prevalent in smart homes, as manufacturers and tech companies converge on pushing the benefits of these devices.

Research firm Gartner projected in 2014 that there will be 25 billion connected “things” by 2020. “The number of connected intelligent devices will continue to grow exponentially, giving ’smart things’ the ability to sense, interpret, communicate and negotiate, and effectively have a digital ‘voice’," said Gartner vice-president Steve Prentice.

Real estate developers have latched on to the potential of smart homes, internationally as well as in Singapore. The Visionaire, a 632-unit executive condominium in Sembawang, was marketed at launch in April this year as one of the first smart homes in Singapore. Its smart home package offers up to 10 smart devices from Samsung such as washing machines and air-conditioners that can be remotely controlled, according to its website.

Buyers who choose not to opt for the smart home features pay at least S$6,500 less for their homes, depending on the unit's size.

Mr Li Jun, managing director of Qingjian Realty (South Pacific), the developer behind The Visionaire, told Channel NewsAsia that more than 70 per cent of buyers took up the smart home package, and said the most popular among these devices were those related to safety and security.

“Homeowners placed the safety and well-being of their elderly and/or young children as their priority,” Mr Li said. “The smart digital lockset, smart IP camera and smart motion sensors will provide them with peace of mind as they would be able to remotely monitor movements in and out of their homes.”

Telco M1 and developer Keppel Land also announced a tie-up last December to launch smart living offerings for the latter's residential and commercial properties. The pilot will run for 12 months starting early this year at The Luxurie, a 622-unit condominium in Sengkang.

And it is not just private developers that are extolling the benefits of smart homes.

The Housing and Development Board (HDB) also has a Smart Enabled Home Initiative, with Yuhua being the first existing HDB estate to launch it. The three local telcos – Singtel, StarHub and M1 – have partnered with vendors such as Samsung, Silverline and Intraix to offer features such as utilities management, elderly monitoring and alert systems, according to the HDB website.

For some consumers, the convenience that smart homes brings is a big draw. Mr James Teo, a lawyer, said he would be interested, citing the prospect of being able to “turn on the air-con five minutes before coming home, having everything set up by the time I open the door and TV on my favourite channel”.

However, he stopped short of features that require video monitoring, of which he professed to not being a “big fan”.

Mr William Foo, a finance professional, said that while smart homes may attract his attention, he finds it “gimmicky”. “It’s good to have but, ultimately, won’t affect my decision to buy,” he explained.

CONNECTED DEVICES AN 'ATTRACTIVE TARGET'

While the benefits of real-time monitoring and alerts are obvious, IT security companies Channel NewsAsia spoke to stressed caution when deciding on smart homes.

Symantec's Senior Vice-President of Asia Pacific and Japan Sanjay Rohatgi said there are many different smart home devices available on the market today, and these are “steadily increasing as they gain popularity”.

That said, to enable smart homes, today’s home networks are typically made up of a broadband router offering Internet access to devices through Wi-Fi and Ethernet connections. These devices may also use a backend cloud service to monitor usage and is often paired with a smartphone app to allow users to remotely control these systems, Mr Rohatgi said.

“However, the present state of security on connected devices presents an attractive target to criminals who look for easy targets – just like burglars who prefer houses without alarms or dogs,” he said, adding that Symantec research found 10 security issues in 15 Web portals used to control Internet of Things (IoT) devices without performing any deep tests.

Another industry insider, Mr Robin Schmitt, echoed Mr Rohatgi’s sentiments, saying that while smart devices in these homes are time-savers and offer convenience, there are “real ramifications” to be aware of.

The Asia-Pacific head for Security and Marketshare at Neustar, a company that provides real-time analysis of sectors such as the Internet and telecom, said: “Even though there have been some efforts to draft security guides and standards, the rush to bring new smart devices to market will, unfortunately, mean that many smart devices have critical flaws.”

SMART HOMES A WISE CHOICE?

The stark reality of how a smart home could be hacked was brought to "reel life" in the first episode of TV show Mr Robot's second season. In it, hacker group fsociety infiltrated the network of E Corp general counsel Susan Jacob's home, causing her TV and audio systems to act up, lights to come on and off, thermostat to go so cold Jacobs had to wear a winter coat in her home.

Vigilante hacker Elliot Alderson staring at his computer screens in an episode of TV show Mr Robot. (Photo: USA Networks)

So it comes as no surprise that security was flagged up as an area of concern for Mr Foo. “I'm certainly concerned and would definitely require some assurance and explanation prior to purchase.

“To be honest, I think it's probably easier for a burglar to enter a house that uses retina recognition than one using the traditional lock-and-latch method,” he said.

Mr Foo’s reticence is not unfounded. Symantec’s Mr Rohatgi pointed out that with IoT finding its way into homes, there are many of these devices connecting to the same network. “IoT devices and smart home products with poor security make easy targets and cybercriminal networks are taking advantage of this to spread malware and create zombie networks, or botnets, unbeknownst to their device owners,” he added.

Mr Schmitt agreed, and added that infiltrating an individual’s smart home network may have wider, more dire implications.

“While hackers might attack consumers directly to steal their personal data or facilitate burglary, a more probable scenario is that smart devices will continue to be used as ‘tools’ for large-scale Distributed Denial of Service (DDoS) attacks on public and private institutions,” he explained.

As such, he called on companies and industries offering these smart homes and devices to take full responsibility to assure their security.

“It is the manufacturer’s responsibility to provide appropriate guidelines on how consumers should protect their devices,” said Mr Schmitt, adding that consumers should also have good "Web hygiene" in creating strong passwords for their devices and networks as well as report unusual activity immediately.

Source: CNA/kk

Bookmark