How to Tell If a Smart-Home or IoT Device Has Been Compromised
Smart-home (or IoT) devices are super handy, but like any internet-connected gadget, there's a small chance they could be hacked. This guide will help you spot the signs of a compromised device and figure out your next steps.
If you suspect a device is compromised, the quickest way to contain the threat is to unplug it from the power and disconnect it from your Wi-Fi. This stops it from communicating with the internet or other devices.
What is a 'compromised' smart device?
When we talk about a smart device being 'compromised', it simply means someone unauthorised has gained control over it. This could be a hacker trying to spy on you, join your device to a network of compromised devices (a 'botnet') to send spam or launch attacks, or even just mess with your settings.
Unusual Behaviour and Performance
One of the first clues that something is wrong can be a change in how your device normally acts. Does it turn on or off by itself? Is it making strange noises or flashing lights unexpectedly? These could be indications that someone else is controlling it.
- Lights flashing or changing colour without you doing anything.
- Devices turning on or off at odd times.
- Cameras or microphones activating when they shouldn't.
- Unexpected changes in settings you didn't make.
- The device consistently running slower than usual or becoming unresponsive.
Network Activity You Don't Recognise
Smart devices connect to your Wi-Fi network. If a device is compromised, it might be sending or receiving unusual amounts of data, or trying to connect to strange places on the internet. While checking this can be a bit more technical, your router's app or settings might offer some insights.
- Check your router's app for a list of connected devices; look for anything you don't recognise.
- Some advanced routers show detailed data usage for each connected device. Look for spikes in usage from a particular smart device that doesn't make sense (e.g., a smart plug using lots of data).
New User Accounts or App Permissions
Attackers sometimes create new user accounts on your devices or within the associated apps to maintain access. Regularly checking who has access to your smart device apps is a good habit. Also, keep an eye on any new or unusual permissions granted to apps related to your smart devices.
- Review the user list in your smart device's app and remove any accounts you don't recognise.
- Check the permissions granted to the app on your phone or tablet (e.g., in Android: Settings > Apps > [App Name] > Permissions; in iOS: Settings > Privacy & Security > [App Name]). Look for anything that seems excessive or unnecessary.
Alerts or Warnings from Security Software
If you use security software on your computer or router, it might sometimes pick up on suspicious activity stemming from your smart devices. Pay attention to any alerts or warnings it provides, as these could be crucial indicators of a problem.
- Keep your anti-virus and anti-malware software updated and run regular scans.
- Check the logs or alerts section of your home network's security software or smart router app for any warnings related to your smart devices.
Key takeaway
Spotting a compromised smart device means keeping an eye out for unusual behaviour and regularly checking your device and network settings. If you do find something suspicious, disconnecting the device and changing all associated passwords are your immediate next steps. Staying vigilant helps keep your smart home safe and secure.