For all the convenience the Smart Home brings to homeowners, those smart thermostats, locks, baby monitors and TVs might be used not only against you, but against the internet as a whole.
Concerns over security in the Smart Home are not new. In fact, a report from ABI Research last month pointed to many makers of Smart Home devices ignoring cybersecurity concerns in a rush to get products out the door, leading to a number of flaws that are easily exploited by hackers (Read: Ringing the Smart Home Security Warning Bells).
The recent distributed denial of service (DDoS) attacks that crippled parts of the internet last week were the result, in part, of hackers compromising Internet of Things (IoT) devices, such as surveillance cameras and entertainment systems inside homes that are connected to the internet. The attacks, which brought down websites including PayPal, Twitter, Amazon, Netflix Spotify, Reddit and others, targeted the servers of Dyn, a company that controls many of the domain name systems of major internet companies.
Now the Department of Homeland Security (DHS) is taking steps to counter future attacks and is working to establish a new set of what it calls "strategic principles" for securing internet-connected devices. The DHS held a conference call with 18 major communications service providers in order to share information about the incident, as well as to develop these principles to help prevent attacks of this nature (or larger) from happening in the future.
The DHS says it will release the strategic principles in the coming weeks. It is working with law enforcement, the private sector and the research community to develop ways to mitigate against future malware attacks.
In a recent blog post about the attacks, Dyn says that it not only has exposed incredible vulnerabilities in the security of IoT, but also how the internet community as a whole must work to improve its overall security to protect the future of the medium.