Posted on July 18, 2019
The Things of Things (IoT) continues to grow at a remarkable rate with analysts predicting the global IoT market, worth a dizzying half a trillion dollars by 2021.
But experts have also noticed another IOT trend: dangerous salmon security.
In this article, we give you a little background on the security issues that affect the Internet of Things, as well as a few simple steps you can take to make your home a safer place both today and in the years to come.
What is an IoT device?
Since we are talking about IoT at home (as opposed to in the workplace or other public places), it is enough to say that any "smart" device or device in your home connected to other devices over the Internet qualifies as one thing of things "thing". In addition, IoT also involves collecting and analyzing user data to improve performance ̵
The most common examples of IoT devices are probably virtual assistants such as Amazon Alexa or Google Home, but a surprising number of other home appliances have already connected smart versions. From refrigerators who know when you have low milk on the baby screens that can be accessed remotely from the iPhone, the list of IoT things grows longer in the day.
Why would anyone hack a baby monitor?
A major challenge to making IOT safer has made the public understand the potential security risks of having home networking equipment. And part of the problem is that the idea of hacking the refrigerator just seems a little … stupid.
Imagine why bad actors would try to break into a computer network, but why would anyone have hacked a thermostat or a baby monitor? Then the answers may surprise you.
Here are just a few options:
- Creating a Million Things Army
Malicious actors have managed to infect a large number of malicious software IoT devices that cause them to send fake connection requests to a site – overwhelmingly and crash the targeted site. Called "botnets", these armies of zombie units have already been used by hackers to perform criminal attacks on businesses and universities.
- To my cryptocurrency
Hackers are working on ways to exploit the distributed computing power of botnets to do more than just attack websites: IoT botnet cryptomining is also on the rise. Criminals have already managed to use the resources of a large number of compromised machines – including IoT devices – to lessen the Monero crypto curve.
- Attaching Common 2.0
Time was a burglary having to look for potential targets after driving suspiciously around a neighborhood, potentially attracting unwanted attention from residents or police. In the wrong hands, data from a hacked IoT device can be a valuable source of information about a household's habits as if the owners are likely to be gone.
What can you do to protect yourself?
- Make a reality check
Before connecting to a new device, ask yourself: Is my espresso machine really connected to the Internet? Only you can decide which rewards justify the potential risks, but sometimes IOT security can be so simple that you don't connect to your smart device in the first place. So take a second to think about things and remember that you don't have to connect to everything for the internet!
- Changing the Default Settings
Many IoT devices come with standard preset passwords and can be connected and used without changing them! This makes it obviously difficult for malware writers to make attacks that only try known standard passwords before accessing a device. So, when you connect to a new IoT device, instantly change the factory default password, and create strong, unique passwords for each device you use.
- Keep things separated
Consider the benefits of separating your IoT devices from the rest of your digital world. You might want to set up a special WiFi network that you only use for IoT stuff. Take the extra step of using a separate email address to register IoT devices and don't use it for anything else.
- Herd your network security
Do everything you can to make your network difficult to attack. Do not use standard router names, as this may reveal manufacturer or model information that an attacker may exploit. Instead, give the router a unique name that does not provide any identifying information. Use a strong encryption standard like WPA2 and always ensure your network passwords are as robust as possible.
- Refresh the fridge!
Recognized manufacturers are aware of the security risk of IoT stuff, and release regular firmware updates. Some even build security software in their devices. If automatic updates and common virus scans are available for the device, they should be enabled. If not, consider visiting the manufacturer's website regularly to download firmware updates.
The Internet of Things is here to stay and will only become a more pervasive part of our lives. We hope manufacturers will become more aware of the security that the industry is developing, but at present it is important that anyone using IoT devices at home is aware of the potential risks, so that they can take steps to protect themselves.