Researchers warn smart home appliances could be used to attack power grids

By AJ Dellinger September 7, 2018

Ian Muttoo/Flickr

When you invite a connected device into your home, you may also be opening your doors to hackers who may want to use your internet connected appliance to attack power grids and other high-profile targets. That warning comes courtesy of security researchers at Princeton University who are worried about the lack of security in smart home appliances.

The team of academics primarily focused on larger appliances such as ovens, air conditioners, and space heaters that offer internet-connected features, such as remote access via mobile apps and connectivity with other smart devices and hubs like Amazon Echo. Those devices, in theory, could be used to create a botnet — a collection of hijacked devices that are used to overwhelm services with massive influxes of traffic that can knock targets offline.

Recommended Videos

While the researchers didn’t highlight any specific flaws they discovered, they did offer proof-of-concept attacks that show how a threat actor could potentially disrupt electrical grids and other major utilities. The attacks focus on supervisory control and data acquisition (SCADA) systems, which are used to monitor and maintain the many peripheral devices that keep power plants operating.

Such an attack — known as a “Maniuplation of demand via Internet of Things,” or “MadIoT” — could do serious damage to the operation of power grids, and could prove difficult to detect and stop once they start. This DDoS (Distributed Denial of Service) attacks require no real knowledge of how a grid operates, it simply overwhelms them by directing infected smart appliances to send huge amounts of traffic to the systems.

This type of attack is enabled by the fact that most internet-connected devices lack basic security measures. Because many come with default passwords other insufficient authentication checks, it is easy for attackers to quickly find devices exposed via the internet and compromise them without much effort. As many as 70 percent of smart home devices are vulnerable to such attacks, HP found.

Luckily, there are ways to make sure your devices don’t contribute to this type of attack. Some simple best security practices like strong Wi-Fi passwords and setting unique passwords and PINs for connected devices are good first steps for protecting your home. You should also always make sure that devices are running the latest updates and patches to prevent against any security holes.

Topics

Contributor

AJ Dellinger is a freelance reporter from Madison, Wisconsin with an affinity for all things tech. He has been published by…

Smart Home

WiCharge’s PowerPuck can power your smart home devices through the air

powerpuck powers your devices through the air without cables wi charge

Smart technology brings with it a huge number of conveniences that would have been unheard of even a decade ago, but wireless charging has thus far been limited to contact charging devices; for example, you might place a puck-shaped device on your nightstand and place your phone on it to charge. Wi-Charge hopes to change that through its trademarked AirCord technology with the new PowerPuck.

This is a type of wireless power transmission technology that can power compatible devices from up to 30 feet away. The device makes long-range charging easily accessible to anyone. The PowerPuck can be plugged into a wall outlet or screwed into a light socket to provide power. Wireless power makes it possible to create more aesthetic looks through the home when you don’t have to fight with unsightly cords or finicky cable management. Even devices that do not currently require cables and instead operate on batteries do not have the best battery life.

News

First smart TVs, now your smart home can be compromised, FBI warns

The Google Nest Hub Max in use.

Cybersecurity is an increasing concern as more of the world becomes connected through various devices. In the past, cybersecurity meant keeping your passwords and usernames secure online, but now it has suffused every aspect of day-to-day life with the advent of smart devices and the Internet of Things. The FBI issued a warning to anyone using a smart home device: “Hackers can use that innocent device to do a virtual drive-by of your digital life.” The last thing you need is someone accessing your bank account through your Amazon Echo.

The FBI warns that your devices might not be as secure as you think they are and advises that users take a few steps to tighten up security in their home. The first is to change your devices’ default username and password. Because the default login credentials are readily found online, it makes it easy for someone to access your device.

Smart Home

Best standing desk deals: Plenty of options under $200

The CorLiving standing desk converter extended on a desktop.

Whether you’ve been shopping the best laptop deals or already have a laptop you enjoy, you’re going to need a comfortable place to do your work. Any of the best standing desks make a great option, and right now there are a lot of standing desks available at a discount. We’ve tracked down what we feel are today’s best standing desk deals and you can find them all below. For the times you’d prefer to sit you can also check out today’s best office chair deals, and if you’re looking for some savings to place on top of your desk check out all of the Dell laptop deals, Lenovo laptop deals, HP laptop deals, and MacBook deals going on right now.
MoNiBloom mobile work station — $54 $60 10% off

You can get into the standing desk game for dirt cheap with the MoNiBloom mobile work station. Its height is adjustable across a wide range and it has a thickened stainless steel frame for durability. This standing desk may be small and simple, but it's built to be sturdy and accommodate you in all kinds of different rooms. This is the perfect standing desk if you don’t have a stationary place you prefer to work, as it’s small enough to tuck into a closet and has wheels to easily maneuver from place to place.