People are interested and fascinated with an intelligent home or business which enables remote monitoring/manipulation of the thermostat, the lights, an empty soda machine that can send a message to be re-filled or the driverless car you took to work this morning. The future of an intelligent home or business uses continuously evolving ‘smart’ technology and devices under the umbrella term of the Internet of Things (IoT) and it basically means that many of these smart devices can be interconnected and connected to a common network. The devices using the Internet of things (IoT) concept are thought to be built and used in a secure way. However, when there is a lack of thorough security regulations for the manufacturing of these smart devices, when individuals and businesses don’t necessarily know what they are exposing themselves to, let alone how these devices operate and where they connect to, the security risks increase dramatically.
Reports said that on October 21, 2016, a virus called Mirai was used to highjack an unknown number of IoT devices into flooding an Internet Service Provider (ISP) named Dyn. The company itself was relatively small. However, due to the nature of Distributed Denial of Service (DDoS) attacks, there was a lot of collateral damage. People were not able to use their accounts on large websites and content providers like Netflix, Twitter and Spotify.
In this instance, IoT devices are being attacked in a similar way as devices were in the 1980s, when they were relatively new developments, and it can also be compared to the 1990s when viruses started to run through the internet. The tools and know-how for fighting viruses are already in place, but these are not being used enough due to the lack of information about how a ‘smart’ light bulb, as part of an IoT network of connected devices, can lead a hacker to gain access to other connected devices in your business and home.
The simplest way to keep smart devices away from viruses is to update the device with the latest software/firmware. Unfortunately, users of these devices are unaware of the risks of not updating regularly.
IoT is about connecting things. This is a fundamental characteristic of the technology. For IoT to be secure, security has to be in the minds of everyone. The following are ways to keep your smart devices secure:
- Buy trusted brands. In general trusted brands have teams of programmers constantly working on the code for these devices. They are also the same team responsible for updating the software, as well as testing the software for any security vulnerabilities.
- Trusted brands use security companies to test devices before releasing them to the marketplace.
- Use passwords that are difficult to guess. The reason that smart devices have passwords is for security purposes. However, a majority of people do not change the passwords from the default, or worse, change the passwords to something which is easily broken. The first thing that you should do once you have a smart device is to change the default password to something you can easily remember but would be hard to crack.
- Change passwords regularly. Besides changing passwords regularly, you should try to have different passwords for different devices. It is recommended that you change your password at least every 90 days.
- Keep software on your devices updated. Updates have the latest security patches. In addition, there are regularly scheduled updates and there are priority updates. If you regularly check for updates, you would not be left behind without patches to known security vulnerabilities.
Security concerns are valid and should be considered as top priority. This ensures that your smart devices function as expected, and are not hijacked for nefarious purposes.
Businesses and organizations are at risk from unsecured IoT devices. Like any connected computer, the open connections of an unsecured network is like an open door for malware to enter. Owners must treat their IoT devices like any other computer: with a vigilant eye on security vulnerabilities. The threat is real and growing as more and more IoT devices get deployed. Users have to take the necessary precautions. For companies, they should also take the additional precaution of using a security agency to test for vulnerabilities regularly.
Originally Published at: http://www.mercuryz.com/blog