January 29, 2020
Using IoT devices and appliances to manage your home is an increasingly common practice in most modern-day households. Home assistants, smart doorbells, and internet-connected household appliances communicate via IoT technologies. Though prevalent in our lives, securing these devices from cyber attacks is still a major challenge technologists and manufacturers face.
You’ve probably heard news reports about compromised IoT devices being responsible for a large-scale botnet — when a network of private devices become infected with malicious software. The botnet can launch denial-of-service attacks, steal data, inundate users with spam or even access devices and their connection without the owner’s knowledge.
In terms of an IoT-connected Smart Home appliance, this most likely means a botnet would be accessing and controlling the device. If you’re wondering why anyone would want to hack into your toaster, you’re not alone. Yet, hackers can find valuable data about you from the most minor appliances in your house.
“Manufacturers need to be held more accountable with regards to road maps for updates for any devices they sell,” says IEEE Senior member Kevin Curran. “Even something which seems innocent, such as an IoT-connected coffee maker, could be hacked, and allow attackers to know our pattern of use. From that, they can make predictions as to when we are at home or not.”
Here are three ways to protect yourself and your devices from cyber invasion.
What Can You Do to Protect Your IoT Devices from Cyber Attacks?
Make Stronger Passwords
Some states have started to enforce stricter rules for IoT device manufacturers. The law requires each device to come with a unique password or allow the user to create a stronger password. Plus, the manufacturers must also provide security updates.
But even if you don’t live in California or the United States, it’s still wise to change your password after buying a device. “Whenever you buy an Internet-Connected device, such as a router, baby monitor or connected closed circuit tv (CCTV), change the default password,” says Curran. “In fact, every device you purchase that has a default password should be changed on first use. There are search engines which crawl the web for connected IoT devices, and hackers will try default passwords on those devices.”
If you do not change your password, “you are basically leaving your keys in the door,” says Curran.
Another tip to making your passwords stronger is to use different passwords on all sites.” Install a reputable password manager which will create complex strong passwords and store them in an encrypted file on your own computer,” suggests Curran. “You then only need to remember one master password and the password manager will automatically take care of logging you into different sites with secure passwords.”
Update Your Devices Immediately
Sometimes updating your smart, or IoT-connected devices is the last thing on your “to-do” list, and it’s easy to forget to update your mobile app. But making sure your devices, like your smart assistant, home security device or baby monitor are using the most recent software is an easy way to ensure your safety from potential hacks.
“The one aspect that I wish everyone knew was the importance of timely patches to software and operating systems,” says Curran. “Running the most recent versions of your mobile operating system, security software, apps and web browsers is among the best defenses against malware and other threats.”
“When you see a message on your computer or mobile to update, then do so immediately,” adds Curran. “These updates often contain security patches which protect against new vulnerabilities.”
Buy Devices From Manufacturers Committed to Protecting You
Only buy devices from manufacturers committed to ensuring your family’s security and privacy is protected. Do some research before you buy a smart device to see if the company has had trouble with cyber attacks in the past.
“Organizations need to ensure they deploy IoT devices with sufficient security policies in place, such as firewalls, and intrusion detection and prevention systems,” says Curran. “But they also need to ensure they cater for the confidentiality of their customers’ data.”
But the truth is, consumers should always be looking out for themselves and stay educated about the ways to protect themselves. “We have too many vulnerabilities because people still assume that someone else is handling it, or the system is handling it, and they don’t have to worry about it,” says IEEE senior member Steven Furnell. “Having taken the responsibility on board, you then need to understand and follow the baseline good practice.”