You may be one of the many who thinks that your home network is safer than your organisation’s. After all, at work your entire network could be infected by a colleague accidentally clicking the wrong thing once. The more people in your company, the more likely this is to happen. So, in the safety of your own home, you’d think you’ve ingrained a culture of cyber security awareness therefore breaches wouldn’t be likely to happen?
Well, think again. We now live in a connected household with a multitude of devices relying on the internet. In a previous life, it was only our PCs and laptops that we had to worry about. Then we had to worry about tablets and phones. In the modern day, everything is connected to the internet and this means more things can now be hacked. Electricity, heat, kitchen appliances, doors, music, showers, practically anything in your home can now be hooked up to the internet and each of these things is a cyber security risk.
As we enter the third week of European Cyber Security Month, the aim of this blog is to raise awareness about the threats from IoT and provide guidance on how protect your home network and your online privacy.
Embedded operating systems, such as those used in popular smart home devices are often not designed with security as a main point of concern. Because of this many of these devices contain vulnerabilities that prove to be lucrative backdoors for hackers. They can gain information including names, personal details and even financial details. In more extreme cases the entire device can be hacked and controlled which can have all kinds of permutations for you and your device.
Without the vigorous testing needed before launching these devices into the market, networks are becoming even more vulnerable. Hackers are now equipped with new entry points through which they can not only gain access to our networks, but can also intrude on our privacy by bugging and spying.
According to the Information Commissioner's Office (ICO), the UK authority which is responsible for enforcing the Data Protection Act of 1998, people are still leaving their devices unsecured, and manufacturers are still not incorporating adequate privacy safeguards into their products.
To help protect people's privacy, the ICO recommends users take the following steps to secure their IoT devices:
• Use the most secure products available on the market (Do your research. Make sure the product you are buying is secure, tried and tested)
• Secure all routers by changing the default settings
• Do not use default credentials for any devices
• Implement security updates available on each manufacturer's website
• Take the time to understand the security and privacy options available on each device
• Implement two-step identification, when available.
We all need to adopt a cyber cautious approach in everything we do. From the office, to our home, and even on the go we are likely to be using a number of devices and we need to be prepared for the threats that come along with them. Start now and develop the cyber security habits you need to keep you safe at home and at work.
Have you experienced an IoT hack, how did it happen, what would you do differently if it happened again? Let us know below.