A word of caution for those trying Home Assistant…
Meh. People who don’t understand network security shouldn’t be opening ports to the Internet.
From that same thread:
Keep your HA instance behind firewall and only accessible from LAN/VPN, make sure your IoT devices have appropriate firewall rules applied (only what a device needs to function) and you won’t face this problem.