01 June 2020

After a spate of device hacks, Google beefs up Nest security protections


Google has added its line of Nest smart home devices to its Advanced Protection Program, a security offering that adds stronger account protections for high-risk users like politicians and journalists.

The program, launched in 2017, allows anyone who signs up access to a range of additional account security features, like limiting third-party access to account data, anti-malware protections, and allowing the use of physical security keys to help thwart some of the most advanced cyberattacks.

Google said that adding Nest to the program was a “top request” from users.

Smart home devices are increasingly a target for hackers largely because many internet-connected devices lack basic security protections and are easy to hack, prompting an effort by states and governments to help device makers improve their security. A successful hack can allow hackers to snoop in on smart home cameras, or ensnare the device into a massive collection of vulnerable devices — a botnet — that can be used to knock websites offline with large amounts of junk traffic.

Although Nest devices are more secure than most, its users are not immune from hackers.

Earlier this year Google began requiring that Nest users must enable two-factor authentication after a spate of reported automated attacks targeting Nest cameras. Google said its systems had not been breached, but warned that hackers were using passwords stolen in other breaches to target Nest users.

Other devices makers, like Amazon-owned Ring, were also targeted by hackers using reused passwords.

While two-factor authentication virtually eliminates these kinds of so-called credential stuffing attacks, Google said its new security improvements will add “yet another layer of protection” to users’ Nest devices.


Read Full Article

No comments:

Post a Comment