I haven’t been able to bring myself to install an internet connected keyless entry system on the house yet, and it’s a good thing too. What is the one thing that makes all these things work together? The internet router. Each one of these devices needs your router access point name and password. Here is the problem. If your ROUTER is compromised, so potentially are all your devices on it.
Last fall, we had an issue with our washing machine. The screen, which is run by a small computer inside running Android, starting displaying everything BACKWARDS. The screen functioned as though the screen was correct, meaning the buttons appeared on left side, but you had to push the right side of the screen to make it work. I thought it was a glitch and looked up on the internet to reset it to factory settings. All devices have a factory settings switch you can use a paperclip to reset right? Wrong. There is one on the refrigerator, but not on the washer. We put in a service call, since it was still under warranty, had an engineer come out to fix it.
The engineer told me he would have to replace the entire computer unit. There was no way to reset it to factory settings, and it is a good thing that it was still under warranty because to replace the control unit with a new one would have been very expensive.
He said he had worked on a couple of these, but had never seen this happen, it was as though someone had hacked the control unit and didn’t or couldn’t put it back.
Hacked. A Washing Machine? Seriously?
How could someone had gotten through the firewall on my router to see the washing machine to hack it?
I started doing some research on how to bypass the security on a home router and was surprised by what I found. In September of 2015, Arstechnica.com reported that hackers had installed back doors in cisco routers. The rumor was that the routers were leaving the factory already compromised. It made me wonder, if this could happen to Cisco, who most of the internet runs on, what about other manufacturers? I discovered that a report was released in 2013 (the same year I bought my house) ) that most of the top internet routers had vulnerabilities that were easy to exploit. Even my trusted Netgear N Series router had a backdoor issue.
It turns out that most all home routers produced 2 or more years about had some security vulnerabilities,, including open ports, that would allow someone on the same network (read on your ISP) to take full control of the router, even perform a reset, without the password. Many technical sites reported this issue, , which continued to be an issue throughout 2015 While most of these issues have been patched in the updated firmware for the router, and new devices have been released with the fixes implemented, many people could still be running compromised devices. If you have an older router, make sure you have updated the firmware, then test it for vulnerabilities If your router fails at any point. It’s time to invest in a newer router. I did, and promptly loaded the latest firmware.
After testing all our internet connected devices, and resetting the access point name and password on all these devices, I think we are in the clear and can start enjoying our connected home again. I did mention to the wife that since the only other device that is always on is our home media center, I should probably rebuild it too and she agreed. I had been wanting to upgrade that thing for a while now. I was able to build a completely new Media Center with an Intel NUC.
The NSA published a map of the United States showing major cyber attacks, and since I and my friend from Amazon live in an area considered to be one of America’s industrial centers and have a 4+ year old router, I think I was able to convince him to spend the money to purchase a new one. Your home deserves technology updates too, if you haven’t updated your router in the last 3 years, it’s probably time.