The Internet of Things (IoT) is any device or machine that has the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction. IoT is essentially any device that can be connected to the Internet. These devices or machines include, Smart home security systems, Internet connected household appliances, Home Energy Monitoring and Control systems, Smart watches and Smart TVs. IoT isn’t limited to the household, many organizations in different industries are using IoT to operate more efficiently, better understand customers to deliver enhanced customer service, improve decision-making and ultimately increasing the value of the business.
Additional Reading: How the IoT is making Cybercrime Investigations Easier
Did you know…
Hackers can and have entered home and business networks through unpatched routers. They’ve also accessed and used unpatched IoT devices to attack other people online.
How did hackers do this?
IoT devices are easy targets for hackers because they traditionally have had very weak security. Often times, IoT devices remain unpatched for years at a time. Other times the default publicly known administrative password is left in place. Most IoT devices have not been hardened in traditional ways like your computer which runs antivirus software making them easier to breach.
10 Tips to secure IoT devices
- Give your Router a name. This makes it harder for a hacker to guess the manufacturer and try the default passwords.
- Use strong encryption methods for Wi-Fi networks. WEP should never be used. WPA2 is a good idea.
- Setup a Guest Wi-Fi network for visitors to prevent giving them password-based access to your home or work networks.
- Change the Default Username and Passwords. Hackers know all the default usernames and passwords used in IoT devices. They scan for IoT devices and when found, login with the default credentials.
- Use strong, unique passphrases for Wi-Fi networks and device accounts. Avoid common words and simple passwords such as Password123. Watch this CyberHoot video for better advice on passwords.
- Check default settings on security and privacy. Enhance them were possible.
- Disable features you don’t use or need. Remote management may be something you never intend to use, so disabling prevents anyone else from remotely taking over the device.
8. Keep your IoT device Software Up-to-Date. IoT devices run an operating system just like your computer. You patch your computer monthly, shouldn’t you also patch your IoT devices quarterly or at worst semi-annually?
9. Audit the IoT devices on your Network. As a home-owner or business-owner, do you know all the IoT devices on your network? Checking in your Router or Firewall to see the registered devices could help you identify something new and secure it before a hacker breaches it.
10. Enable Two-Factor Authentication (2FA). 2FA is not always available in IoT devices, but when it is, use it! It is the gold standard for authentication.
By following this advice, you can begin to tame the IoT risks you face both personally, in your home, and professionally, in your business.