10 unlikely features in your smart home that may be putting you at risk of cyber attacks

Author profile picture

Susan Meyer

Senior Editorial Manager

Susan is a licensed insurance agent and has worked as a writer and editor for over 10 years across a number of industries. She has worked at The Zebr…

Credentials
  • Licensed Insurance Agent — Property and Casualty
Author profile picture

Ross Martin

Insurance Writer

Ross joined The Zebra as a writer and researcher in 2019. He specializes in writing insurance content to help shoppers make informed decisions.

Ross h…

Credentials
  • 5+ years in the Insurance Industry

Smart tech or Internet of Things (IoT) devices pervade all aspects of our lives from our phones to our cars to our homes. In fact, our homes are full of convenient advances. We have thermostats that we can operate with an app even when we’re away from home. We have voice-activated tools that can operate our lights or turn on some tunes or give us the latest weather information. 

The average American home now has a total of 22 connected devices[1]. After all, in 2023, who really wants to touch a light switch? But are all of these modern conveniences making us vulnerable to cyber attacks? In many cases: yes, due to the data they collect about us. Cybercrime is predicted to cost the world $8 trillion in 2023[2].  

Let’s look at some of the potential unexpected cyber threats in homes and how you can protect yourself.

1. Lightbulbs

Smart light bulbs can offer energy efficiency and also the ability to change your lighting through a mobile app or even through voice-activation. But they can also represent a potential security vulnerability. The devices have simple chips that can still be used by hackers to target your network. If a smart bulb is infrared-enabled, hackers can use an infrared wavelength to directly access a home’s digital network and their personal data.

2. Refrigerators

Smart fridges provide the same cooling power as their dumber, less-internet-enabled cousins, but they can also do things like order groceries for you or tell you when your milk has expired. And, of course, because they’re connected to your network, they may also be vulnerable to cyberattackers. By hacking your fridge, bad actors and pranksters can view your data and also potentially spoil your food remotely. Your smart fridge could also potentially be a gateway to other devices in your home network. There have even been cases of smart fridges being hacked to mine for bitcoin, a situation called crypto-jacking.

 smart fridge

3. Baby monitors

Who doesn’t want the peace of mind of a video monitor keeping an eye on your precious cherubs? Unfortunately, some of the more advanced baby monitors can be infiltrated, if not protected. Internet-enabled cameras that are attached to your home wi-fi network can be targeted by hackers. They can take over the camera and, depending on the features of the monitor, even speak through it. It can be difficult to tell if a baby monitor has been hacked, keep an eye out for any camera movement that you’re not controlling or strange noises.

4. Pet devices

Are you one of the one in five pet owners who uses a digital device to monitor or secure your pet? According to one study, 39% of people who use digital devices are posing a security risk[3]. Devices used to track cats and dogs can be open to cyber attacks which allow bad actors to manipulate data about a pet’s location or even steal the owner’s personal data potentially. This is a particular problem if the device is connected to or shares a password with other devices in your household network.

5. Doorbells

The sudden proliferation of doorbell and motion sensor cameras has in many ways reduced crime as criminals have been caught on victim’s cameras or on those of their neighbors as they fled the scene. That doesn’t mean they can’t be vulnerable to cyber attacks though. A hacker with access to a doorbell camera can potentially track the occupants’ movements and know when they are home or not.

 doorbell

6. Thermostat

Smart thermostats can provide greater efficiency in heating and cooling your home. However, these devices do present another potential avenue for hackers to reach your home network and personal data. Smart thermostats can also be a gap in your privacy security because the data they learn about you can also be valuable to a would-be thief — they can reveal when you will be home and when you are typically away.

7. Smart locks

Locks are supposed to protect your home, not let just anyone in. While having keyless entry can be great for not worrying about you or your family members forgetting or misplacing a key, they can also be less secure. Make sure to buy smart locks from a trusted source that uses high levels of encryption. Another vulnerability can be giving out the code to too many people. Make sure people you don’t know well like house cleaners and pet sitters have a separate code that can be changed regularly.

8. Vacuums

Few people enjoy cleaning, so it's no surprise that robot vacuums have taken off in recent years. However, there have been concerns with robotic vacuum cleaners being hacked to record sound or access cloud data. These vacuum cleaners also usually record data on mapping your house, which can be valuable information for bad actors. Some robot vacuums also have mounted cameras recording your home and helping them get around, which can also be sensitive information you’d probably rather not share.

 iStock-901992126-1.jpg

9. Smart speakers

There was a time when if you asked someone if they’d like a recording device in their private home listening to what they said at all times, they would have put down their George Orwell paperback, laughed in your face and said absolutely not. However, these days millions of U.S. homes are equipped with these devices[4]. The problem is they may be listening to you even if you don’t directly talk to them, and they may be sharing that data with their parent companies, who can use it for their own targeted marketing purposes or even in some cases share it with law enforcement. And like many of the other items on this list, smart speakers are also an entry point for hackers to reach your whole home network.

10. Televisions

People may have smart TVs in every room in their home, but the fact that a hacker could access its built-in camera or microphone is particularly scary if you have one in your bedroom. Voice-controlled remotes also present an entry point for cyber attackers.

How to protect your home and devices

Now the good news. Protecting your home from cyber attacks doesn’t have to mean returning to the dark ages of vacuuming for yourself or having to leave the couch to turn on the light. There are steps you can take to make yourself more secure.

  1. Do your research before selecting a new smart home product. Look for manufacturers that are clear about what security measures they are taking and what features they offer to protect the device.
  2. Continuing on that point…actually engage all of the security features. Many people don’t read the full manual and don’t make sure their device is as secure as it could be.
  3. If it’s possible to password protect the device, do so. And if two-factor authentication is an option, make sure it’s enabled as well.
  4. Don’t use a default password that comes with the device and once you change the password, choose a strong one that isn’t tied to any personal details (your name, kids’ or pets’ names, birth years, etc.)
  5. Only use the aspects of the device you need and turn off any that you don’t, limiting the scope of your risk. 
  6. Update all security and software patches as soon as they come out. Many IoT vendors will do this automatically, but it’s good to be aware of any that need to be applied manually as well. 
  7. Secure your wireless network. This can be an easy gateway to access all your devices. Make sure the passport is strong, update your router firmware to the latest available, change the default network name, etc.
  8. Ask your home insurance company if they protect against cyber crime and consider an endorsement or additional personal cyber insurance.