The Internet of Things (IoT) involves smart technology being rolled out to devices in all aspects of our lives – from home appliances to utilities, healthcare, smart town planning and much more.
You may already have an internet TV or smart electricity meter in your house, have a smartphone controlled heating app or wear a WiFi connected fitness tracker. The question is: how safe are these devices?
All these ‘things’ have one thing in common: the ability to automatically transfer data over a computer network. However, the problem is that because networked appliances and devices are a relatively new concept, security may not always have been at the forefront of product design.
Many IoT products are sold with old, un-patched embedded operating systems and software. As for users, how many actually bother to change the default password on their connected devices and, even if they do, will they select a strong enough password?
Ever since the IoT concept was proposed in the late 1990s, computer experts have been warning about the potential risk of huge numbers of unsecured devices connected to the internet.
The first IoT botnet (a group of hacked computers or other connected devices that are used of unauthorized purposes) was discovered in 2013 when it was revealed that hundreds of thousands of malicious emails logged through a security gateway had originated from a botnet that included smart TVs, a fridge, a baby monitor and various other home appliances.
The cyber attack in October 2016 on the internet infrastructure provider Dyn badly affected websites including Facebook, Twitter, Netflix and The Guardian and also disabled many other sites in Europe and the US. The Distributed Denial-of-Service (DDoS) attack did not constitute a network breach, merely a large number of unsecured devices hijacked by simple hacking methods such as scanning open networks for devices using factory default passwords. It was worryingly easy.
As the IoT market increases – predicted to reach 26 billion units by 2020 – there’s a much greater surface area for hackers to work on, including every WiFi kettle and app operated home security system sold. Securing these devices is key to protecting our personal data, manufacturers’ intellectual property and operational infrastructures.
So, what can we do?
Here are 5 simple but effective tips that will help you keep your smart devices safe from cyber intruders. Why not put them into practice today?
- It’s crucial to remind yourself that the security of your smart devices is just as important as the security of your computer or smartphone, and that you should put the same amount of effort into ensuring its integrity.
- If you do nothing else, make sure you change the factory default log-in and password for each smart device you own. It should go without saying that a strong password is your best defense, so stay away from obvious words and word combinations that are easily guessable by a hacker. Rather than “SmithHome” or “rosecottagefamily,” choose a password that is at least 8 characters long, ideally with uppercase and lowercase letters and numbers or other symbols, too. Use a different password for each device.
- It’s a good idea to use an encrypted connection every time you access your home network(s) remotely. Unfortunately, many smart gadget broadcast information in plain text, or use poor encryption.
- Regularly check if the connected device manufacturer issues regular software updates, security fixes and patches and keep these updated to keep your device as safe as possible at all times.
- Ideally, set up a separate home network just for your smart home devices. In that way, even if one of your IoT home devices is hacked, the damage will be limited since the intruder won’t be able to access your personal files and data stored on your home computer as well.
Keeping your personal data safe should be front of mind every time you connect a new device to your network. Theft of data – personal or financial – is a serious business and can do real-life harm. It goes without saying that prevention is always better than cure.