On the base of the IoT (Internet of Things) is a global digital information exchange. Without such information exchange, the IoT wouldn’t be able to serve its purpose. However, the IoT poses threats to security that require full protection. Any device or unit that connects to the Internet or depends on connectivity – from surveillance cameras, fridges, smartphones, smart thermostats – can be hacked.
| In 2016, most part of the Internet, including Twitter, Netflix, CNN, and other important websites, as well as the main Russian banks and the whole country of Liberia, were blocked by the botnet Mirai (a set of devices connected to the Internet compromised by an intruder). The botnet took advantage of security vulnerabilities in IoT devices such as home surveillance cameras by installing malware and attacking Internet routers. This botnet is still active and others like it have followed. |
More recently, research by Checkpoint detected vulnerabilities in smart lamps that can be exploited to provide ransomware or spyware to home networks, therefore compromising those devices and its controllers.
Unfortunately, these attacks are usually hard to detect in IoT devices. Most hackers know how to act and get in without being detected, while they gather precious information and reliable data. If hackers enter the cloud, the breach could be extremely hard to detect until data has already been collected by intruders.
So, how can you avoid being a victim of IoT attacks?:
Here are six measures you can take to reduce the risk of security breaches in your IoT network:
1. Set a separate network for your devices
Check if your router allows you to configure multiple networks. Many routers have that option. A separate network for your devices allows you to make it harder for hackers to attack and makes your connections and information more secure. For devices that work via cloud, define a Wi-Fi network that only allows Internet access but doesn’t allow communication between equipment in the same network (when possible)
2. Confirm whether your devices have a connection to the Internet
To better protect your devices, confirm which ones have a connection to the Internet. Other than the obvious devices, such as computers, tablets, and smartphones, there are also gaming consoles, speakers, and any other device with a microphone or camera. In case of doubt, check the manufacturer’s information and whether these are enabled and updated.
3. Use strong passwords
Setting a password is one of the most important steps. It’s worth to remember that using a strong password is essential and that all devices must be protected properly with a password that includes a combination of letters, numbers, and symbols. You must also avoid using the same password for multiple accounts. This prevents hackers from having access to multiple devices when finding out a password.
4. Use secure Wi-Fi connections
| If you are checking your smart devices remotely, use a Wi-Fi network that is secured with a password. Unsecured connections may put your device at risk of attack. To increase the security of your personal network, use strong passwords for your router and Wi-Fi connection and update them regularly. |
| For equipment that uses Wi-Fi as a connection mean, networks must use the standards that are considered secure, such as WP2 with a strong password. |
| In addition, confirm whether the digital environment of the device’s website you are accessing is secure. To that end, check our recommendation about Identity theft and Internet Fraud Scams and Secure online shopping. |
5. Keep your operating systems, software, and applications always up to date
Companies that develop operating systems, software, or applications often provide updated versions with potential vulnerability corrections. Check and turn on the automatic update option, in case your IoT devices have one. We recommend that you do this to protect you from ransomware and other malware. Read the manuals provided and use all security controls provided with the equipment, e.g. protecting access with credentials.
6. Enjoy the technology but be aware
Using technology is something we do every day. We must know how to take advantage from technology, but we also have to deal with its challenges. Keeping up with technology is not easy. While we are thankful to the convenience that it delivers, the risks we take are often imperceptible. That is why being careful is so important. User negligence is still the main cause of security flaws. People must be trained about user policies. Recognizing potential vulnerabilities and restricting control accessibility within networks is extremely important to prevent intentional sabotage
