The danger arises when hackers exploit some of these security flaws and use them to breach home networks, computers, and smart and mobile devices.

"Once cyber criminals have access, they can steal personal and financial information, hold computer files for ransom, and hijack anything from webcams and thermostats to smart TVs," Cernak said.

And, with 80 percent of consumers using home networks, the risk of a cyber attack is high.

It is possible that a personal device could be commandeered by a hacker and you would never realize it. Unlike a computer, where you would notice that it was running slower or access to your email might be locked, it is more difficult to tell if someone is nosing around your refrigerator or accessing the baby monitor.

"As you see other connected devices on the network, you might notice different things," said Cernak, "like the light on your camera is on when you're not broadcasting. Some devices control your physical environment like the connected thermostat that starts heating when you haven't turned the heat on, or the refrigerator starts to thaw out and you're not doing it — that could be a sign. The first indication that something is awry is that it's not operating the way it should be."

Related: Hackers are targeting your smart devices

Smart televisions have very real vulnerabilities and allow hackers and others access into a home without anyone being aware that they are being watched. (Photo: iStock)

How do hackers find your network?

Most hackers aren't being discriminate when they look for networks or devices to hack, said Cernak. "They are just looking for sheer volume for DNS attacks. They have tools that will allow them to search the internet and they are just looking for mass quantities at this point."

There are a variety of software programs that will allow hackers to find devices. "Cryptoware scans and looks for mass vulnerabilities," he added. Most personal devices are just like mini computers so a lot of the same safety mechanisms you would apply to your computer also apply to your phone and other electronics.

The majority of attacks still occur through more traditional portals such as home Wi-Fi systems or clicking on the wrong link in an email, although now consumers use multiple devices to access the Web.

Some devices such as smart TVs provide an opportunity for ambient listening so a hacker could hear what's going on in your house. It is possible to turn off this option, which frequently operates when the TV is turned on. Since the camera on the TV could be activated, this also becomes an invasion of privacy issue.

"It's important for you to understand the risks you are assuming by deploying this type of technology," said Cernak. "Most people would be appalled at the information that is collected and by whom."

Recently, Hartford Steam Boiler Inspection and Insurance Co., which is part of Munich Re, and Chicago-based technology firm Prescient Solutions, hosted a "Home Hacker Lab" that demonstrated how cyber criminals access and use home networks and personal devices as part of a cyber crime.

Here are 10 tips to help homeowners keep their home systems safe:

Related: Friday's cyber attacks a 'wake-up call' for insurers and public alike

(Photo: Shutterstock) 

1. Don't forget those updates

It's important to make sure that appliances, phones and other electronics have the latest updates and security patches, since they frequently fix vulnerabilities that have been discovered since the device was issued.

(Photo: Shutterstock) 

2.  Keep social media and financial activity separate

Clicking on the wrong link can allow a Trojan or other virus to enter your computer. Consider using one computer just for financial transactions like online banking and another for social media, email and other online activities.

Secure routers and other devices added to a home network to prevent unauthorized intrusions. (Photo: iStock)

3. Yes, security matters

Just like you would protect your network at work, the same basic computer hygiene also applies to your home. "If you're using WiFi, don't broadcast the network name," cautioned Cernak. Make sure to change any default settings, names or passwords when installing new smart devices. Install new devices behind a firewall rather than linking them through a home computer.

The risks have also changed with technology. "Instead of hackers taking over and encrypting your computer, they can take over your thermostat and turn it down in the dead of winter and hold it for ransom until you pay the ransom," he explained. 

Related: How to respond to cyber extortion demands

(Photo: iStock) 

4. Set up authentication

Many online accounts from your email to financial organizations offer two-factor authentication — a password and a code sent to a mobile device or email to verify who is accessing the account. Setting up dual authentication provides an added layer of protection for your accounts. Make sure that passwords are complex (not birthdays or children's names), difficult for someone to guess and include a combination of letters, numbers and symbols.

(Photo: iStock) 

5. Secure your smartphone

We do everything on our smartphones from online banking and shopping to buying movie tickets and more. If you have not password-protected your phone, set it up immediately. Many phones also offer a fingerprint access option as well.

Why is this important? Most smart devices have some sort of smartphone app that allows you to access it from your phone, making it a critical entry point to your house for anyone who commandeers your phone.

Related: What business owners need to know about cyber risk from wearable devices

(Photo: iStock)

6. Make smart app purchases

Cernak recommends only purchasing apps from recognized app stores such as Google, because those purchased from third parties may not have the same level of testing for flaws.

Also make sure to read the privacy policies so you know who has access to your information, what information is being accessed and who it will be shared with. Beware of downloading any apps that prompt you to do a quick download, because these versions may include malicious code or security flaws that would allow hackers access to your device.

(Photo: iStock) 

7.  Turn off the Bluetooth option

When you're not using the Bluetooth feature on a device, turn it off to prevent any ambient listening or access by unauthorized persons. Most mobile phones, tablets and other items offer this type of functionality. Devices such as baby monitors and smart speakers can then be hacked through the Bluetooth function.

(Photo: iStock) 

8. Purchase new devices

"When buying IoT devices, purchase those that are unopened and unreturned from retailers," cautioned, Cernak. Some people will buy devices, infect them with a security flaw or malicious code and then return them to the retailer. "Look at how the device is made, designed and how it is used, and change the passwords when you connect them," he added.

(Photo: iStock) 

9. Wipe your information

If you're purchasing a new device and disposing of an old one, wipe any data and reset it back to the factory default settings to make sure any personal information is removed and inaccessible to someone who might gain access to the device.

(Photo: iStock) 

10. Check your insurance policies

In the event of a breach, Cernak recommends checking your homeowners' or identity theft insurance policies or contacting your agent since the policies may help provide access to forensic and other experts who can help with the aftermath. In addition, some level of indemnification coverage may be available for identity theft or other effects from the breach.

Read on to see what to do if you are the victim of a hacker …

Once a hacker accesses a home network, they may be able to control a full range of devices that manage the home's environment. (Photo: iStock)

What to do after the cyber attack

If one or more of your devices are hacked, Cernak says to disconnect it immediately without altering any settings or running any scans. "Find a professional forensics firm who can help identify how far the attack went and what was impacted," he advised. "You want to contain and remediate the situation without destroying the ability for a specialist to follow what happened."

Who to report the breach to depends on the type of incident involved. In the case of identity theft, it may be necessary to file a police report and notify all financial institutions such as banks and credit card companies.

The bottom line, added Cernak, is to be aware of what you're doing. "Understand the risks associated with deploying this technology and treat these devices like you would your computer."

Related:

Should you call in the feds after a cyber breach?

5 horrifying smart home hacks (with video!)