IoT: How to Deal with the Internet of Threats
The Internet of Things, or IoT, has become one of the most convenient—and dangerous—ways for consumers to connect to the Internet. IoT is the network of devices, or “things,” that communicate and send data via the Internet. When people refer to IoT devices, they’re typically leaving out smartphones, tablets, and computers. IoT more commonly refers to items that haven’t been traditionally connected to the Internet, like toasters, refrigerators, printers, or thermostats. These days, almost anything can be connected to a network—from water filters and decanters to salt shakers and egg minders.
IoT devices have exploded in popularity in the last several years for the convenience they provide. These devices might make our lives easier, but are they safe?
Can IoT Devices Be Hacked?
As a general rule, if something can connect to the Internet, it’s a security risk. So yes, an IoT device can be hacked. Since the Mirai botnet hit in 2016, cybersecurity professionals have increased their warnings to consumers about IoT hacks. IoT devices tend to have lower defenses than computers, laptops, or smartphones, so they’re an easy target for hackers.
According to a report from Unit 42, the global intelligence threat team at Palo Alto Networks, 98 percent of all IoT traffic is unencrypted. That means devices are exposing personal data to the networks they run on and allowing hackers to listen to traffic so they can gather and sell confidential data.
Not only can IoT devices be hacked, they’re low-hanging fruit for hackers. To protect yourself from cyber-attackers, you can make some simple changes.
The Biggest Security Risks with IoT—and How to Reduce Them
The Unit 42 researchers saw that password and brute-force attacks were the most common against IoT devices. Many people fail to change default usernames and passwords when they get a new device. This makes them susceptible to brute-force attacks. Some companies have come under fire for not advising people to change the default password once they launch their device. The solution to password attacks is simple: change your login credentials on your new device. Choose a username or password that’s randomly generated and either write it down or keep it in a password manager.
The lack of testing or regular updates is another opening for hackers to exploit on IoT devices. Manufacturers often fail to provide updates for their devices. They tend to focus on pushing out new products rather than updating old ones. If your device includes firmware, it’s usually only for a limited period of time. Devices that don’t update, or experience downtime when there is an update, are more vulnerable to cyber-criminals. The only way to reduce this risk is to purchase a secure device in the first place. Ask the manufacturer about security and updates. If this information is unavailable, chances are the security for that device is weak.
IoT devices are targeted for their poor security, but aren’t the final destination for hackers. They’re often used as gateways to access a network to introduce malware. Hackers aren’t interested in taking over your toaster, but they might use your toaster’s connection to your home WiFi to gain access to your network. Once they’re in, they can introduce malicious code to launch further attacks or take over other systems. Malware threats include botnets, backdoor Trojans, worms, and ransomware.
In addition to solutions listed for these security threats, you can mitigate your malware risk by disabling unnecessary ports or services on IoT devices. Unused ports are a way hackers can get in. You can also disable Universal Plug n Play (UPnP) which makes your device discoverable on the Internet. Malware is stored in a device’s volatile memory, so shutting it off completely and switching it back on can erase potential malware that’s lingering.
IoT devices and other “smart home” technology can expose your home IP address. This could give away your residential address. If you run heating or lighting on IoT devices, hackers can access and monitor them to see when you’re away from home. They can also hack into your network and launch a ransomware attack, rendering parts of your home inoperable unless you pay the ransom.
How can you keep your home network secure? Updating passwords is a good start. You could also improve WiFi security by adding a wireless network for guests in your home and encrypting it withWi-Fi Protected Access or WPA. You should also avoid public WiFi if you’re accessing your home IoT network while you’re out. Changing the name and password of your router to something random can also keep your network secure.
IoT has become a critical data security threat for average consumers and it continues to do so. As long as this market keeps growing, hackers will search for ways to exploit these devices. If you want to use an IoT device, know the risks and take proper steps to protect yourself from cyber-attacks.
- Easy Prey Podcast
- General Topics
- Home Computing
- IP Addresses
- Online Privacy
- Online Safety
VoIP (Voice over Internet Protocol) exists to help people with their voice-based communication using the Internet –…[Read More]
A Ponzi scheme in investment fraud characterized by using money from new "investors" to pay off original...[Read More]
In today’s age of disinformation and fake news, conspiracy theories are running rampant. Some are small and…[Read More]