As homes are becoming “smarter”, new electronic risks to the homeowner are being introduced. Where there was once just a router providing internet access, now there is Wi-Fi, cameras, lights, security systems, etc. Today, many of these appliances are internet connected with advanced functions that can be controlled by a simple app.
So what in the home can get hacked?
ROUTERS AND Wi-Fi:
A hacker can gain access to the home router and Wi-Fi and then collect all data passing through that device, potentially exposing information. This is done two ways: password brute force or backdoor exposure. The intruder can then log on to the attached device, manipulate data, and try to extort the victim.
COMPUTERS AND PHONES:
Here, a hacker can gain access to device data and applications by password brute force, phishing, backdoor or rogue application, etc. Hackers can log on to remote systems, change data, access applications, manipulate or destroy data, and/or encrypt the data for ransomware.
VIRTUAL ASSISTANTS AND SECURITY SYSTEMS (Door, Window, Motion, Pressure):
A hacker can gain access through a router, computer, phone, backdoor exposure, or brute force and monitor all communications and sensors. This information could be used to access personal or private information and extort the homeowner. A hacker can determine when occupants are home, disable the sensors, change passwords, or expose data and then ransom it.
CAMERAS AND LIGHTING (External, Internal):
Hackers can gain access, disable, or manipulate the feed or light controls. Data can be exposed, ransomed, and manipulated. Hackers can determine when occupants are home or asleep, disable cameras, manipulate lighting or video, or copy video and hold it for ransom. Tactics include password brute force, entry through the router, computer or phone, and backdoor exposure.
FIRE, SAFETY, AND HVAC SYSTEMS (Fire Alarms, Smoke Detectors, Thermostat, Carbon Monoxide Sensors):
Hackers can gain access to the fire, thermostat, or safety systems and monitor or manipulate the sensors and controls. This is done by password brute force, through the router, computer or phone, or backdoor exposure. Hackers can manipulate the smoke and carbon monoxide sensors to prevent or trigger the alarm which can be dangerous to the occupants. Triggering the smoke or carbon monoxide sensors can harass the occupants. False alarms to the police and fire department can cause fines. Hackers can manipulate the controls like temperature settings, or manipulate and disable sensors causing reactions like freezing. Data can be exposed, ransomed, or manipulated.
EXTERNAL SENSORS (Water, Temperature, Humidity) AND CONNECTED APPLIANCES (Refrigerator, Oven, Microwave, etc.):
Hackers gain access to sensors and appliances through password brute force, routers, Wi-Fi, computers, phones, or backdoor exposures and then alter settings or turn things off and on. They can manipulate the sensor feed or data that controls alarms for temperature, water leaks, water pressure, and humidity. Once exposed, they can also determine when occupants are home or cause a physical risk such as a fire.
What can homeowners do to protect themselves?
- Perform regular system maintenance
- Use stronger passwords
- Use firewalls and anti-virus software
- Encrypt data that should stay private
Want more information like this delivered straight to your inbox? Click the “Follow” button on the bottom of the screen and enter your email address.
© 2021 The Hartford Steam Boiler Inspection and Insurance Company. All rights reserved. This article is for informational purposes only and is not intended to convey or constitute legal advice. HSB makes no warranties or representations as to the accuracy or completeness of the content herein. Under no circumstances shall HSB or any party involved in creating or delivering this article be liable to you for any loss or damage that results from the use of the information contained herein. Except as otherwise expressly permitted by HSB in writing, no portion of this article may be reproduced, copied, or distributed in any way. This article does not modify or invalidate any of the provisions, exclusions, terms or conditions of the applicable policy and endorsements. For specific terms and conditions, please refer to the applicable endorsement form.