THE INTERNET OF THINGS – Could Be A Ticking Time Bomb
The “Internet of Things” is a term that describes any gadget, gizmo or tech equipment that is connected wirelessly and controlled over the internet. Some examples of the connected devices that make up the internet of things are webcams, refrigerators, smart TVs, thermostats, copiers, medical devices, automobiles, alarm systems, baby monitors, fitness bands, computers, modems, routers, digital recorders, etc. For purposes of this article, I will refer to them as “IOT” devices.
Presently, the estimated number of IOT devices is approaching around 5 billion devices. That number is expected to rise to 25 billion by 2020. A study by HP Security Research concluded that 70% of the most commonly used IOT devices had serious security flaws. 90% of these IOT devices were using unencrypted network service and 70% were vulnerable through weak passwords.
THIS POSES A VERY BIG PROBLEM!
The security flaws common in so many of these contraptions allow any skilled hacker to easily take control of one or more of these devices. Therefore, hackers are constantly searching the web trying to break into one of these IOT devices. Once a hacker gains control of one of these devices, the hacker can then gain access to the other connected devices – that are also connected to your Wi-Fi network.
Many of these devices are really only unsecure because the user doesn’t bother to change the assigned factory settings. They forget or neglect to change the username and password when they connect the device to their home Wi-Fi network. Hackers know the factory default passwords assigned to these devices.
So, if the user doesn’t change the default settings to something long and complex, then that device will be an open invitation to any hacker. Consumers are usually unaware of this and may not know how to even begin to secure these poorly-secured IOT devices. Furthermore, it is often up to the consumer to check to see if the manufacturer has a firmware update available for them to download.
Worse yet, there is no current security standard required of the manufacturers of these devices. Additionally, a lot of these devices are designed and manufactured in foreign countries that really don’t care about security vulnerabilities.
The FTC is starting to take this problem seriously and urging businesses to build better security into their IOT devices. They are also preparing to regulate IOT devices in an effort to protect consumer’s privacy and security. They specifically want to start by regulating automobiles and mobile-payment methods such as Apple Pay.
TIPS TO HELP PROTECT YOURSELF
- Don’t store personal information on any device – including your real name.
- Change the default username and passwords on all of your home network devices.
- Periodically check the manufacturer’s website to see if a firmware update is available.
- Use a different complex password for each one of your devices, so that if one device gets hacked, your other devices will not be jeopardized.
- Use anti-virus and anti-malware software on your home computer network and set them to automatically download any new updates.
- Keep your smartphone protected – it is the gateway to your car’s connectivity and many other IOT devices. Be sure your smartphone is password protected and has anti-virus and anti-malware installed on it.
For more in depth information about the internet of things, Brian Krebs of Krebs on Security, has an excellent article about this topic. Here’s the link to it: https://krebsonsecurity.com/2018/01/some-basic-rules-for-securing-your-iot-stuff/
ALSO, be sure to read a previous article I wrote about Router Security