Routers with home automation security

The authors of this comparison explain that they have observed a very large security variability, depending on what the manufacturer of the smart device has invested in the hardware and software to protect and encrypt its communications. And for the technological giants that promote the most popular home automation systems —such as Amazon's Alexa or Apple's HomeKit— this situation is a serious problem that threatens the reliability of their platforms.

The most immediate way to cover these vulnerabilities is to strengthen the security of the router, the control center of the home WiFi network. Amazon made a move in February 2019 by acquiring the company Eero, a pioneer in the field of mesh routers: a technology designed to achieve a powerful WiFi signal that reaches every corner of the house (chaining several modules installed in different rooms), which solves one of the most common drawbacks of traditional routers. In addition to this advantage and the simplicity of configuration (with a mobile app) —a common point in the mesh systems of this and other manufacturers— Eero had stood out for adding a transport layer security system as standard to its routers (TLS) to encrypt communications; and also for offering a subscription service that protects (from viruses, malicious websites and attacks) all computers, mobile phones and smart gadgets on the home network.
The new generation of mesh routers is designed to create better home-friendly and more secure WiFi networks.
The next move came from Apple. At its software developers conference in June 2019, it announced that it would adapt its home automation control system (HomeKit) to integrate routers from manufacturers such as Linksys or Eero itself. Finally, this compatibility arrived at the beginning of 2020, and its main use is that it adds a firewall to each of the home automation devices in the house; In this way, if one of them were to be controlled by a cyber attack, it would not be able to access the rest of the home network or the personal information contained in it.

A common and safer umbrella

The third step to end insecurity and incompatibilities between multiple home automation systems came in December 2019, when Google, Amazon and Apple joined forces to present an alliance to establish a standard home automation system: Connected Home over IP (CHIP), which also includes other major manufacturers of smart accessories such as Philips, IKEA, Legrand, Samsung or Schneider. Apple then opened part of the code of its HomeKit system, "to accelerate the development of the new universal standard", while Google provided key technologies to establish "direct, private and secure communications between home automation devices, mobile phones and cloud services. This approach reduces points of attack and vulnerabilities.”
The specification of this standard should be completed by the end of 2020. So from 2021 the first devices of a new generation of smart accessories, more compatible and safer, will begin to arrive. Along with routers designed to add protection to home automation systems, these new products promise connected homes that are more prepared to resist cyber attacks. Meanwhile, security experts recommend a series of measures to secure home Wi-Fi networks: change the administration password that the router comes with by default, use a different password to secure each home automation device, update the firmware of these accessories frequently and enable two-factor authentications when possible. Basically, our defense for now is focused on improving our habits with security keys, and apps to manage passwords are of great help for this. One more project of change in our digital life.