The holiday season is well and truly upon us, by now you’ve more than likely got your Christmas shopping wrapped up, literally and figuratively, and dreaming about what you yourself will be unwrapping on Christmas day. Many of us will have bought, or will be hoping to unwrap, a smart connected device this festive season, especially those us tech junkies.
As IoT devices continue to pervade our day to day lives we look at some of the IoT Christmas gifts that will feature on many a Wishlist this year and asking the question ‘are they really secure?’
Smart speakers are continuing to grow in popularity, with the likes of Amazon already having stamped their authority on the market. Alongside Amazon, Google is dominating the rest of the market with its ‘Home’ system. It comes equipped with WiFi, high definition speakers and a sound sensitive mic. Home automation, entertainment and a world of interaction come with Google Home as it works to control your entire household.
As good as these smart devices are, they do carry a risk. For example, commonly used music streaming services such as Spotify can be used through these speakers, which may leave devices vulnerable and at risk of their security being compromised. This has been seen in particular with the Bluetooth issues collectively known as BlueBorne which witnessed an attacker hack into a smart speaker.
Thankfully these issues have since been patched but more problems are certain to arise in the future. This is why proper configuration of all your devices is important, especially in regard to IoT devices that have the ability to communicate throughout your home.
Is your Coffee Maker Spying on You?
Yes, yes, it is. Or it could be, hackers can access smart coffee makers to gather information on you.
For some of us we don’t feel awake until we’ve had our morning dose of caffeine and the experience of your morning cup of coffee has gotten even better thanks to IoT. With a smart coffee machine, you can set it so that it sends your phone an alarm or notification to wake you up after it has finished brewing. These machines come with WiFi, Bluetooth and features such as customisable notification systems so you can have coffee ready and waiting when you get up or go home.
So, what’s the catch? You’d be surprised about the extent to which any IoT device can be hacked. Whilst you may be enjoying the convenience of your morning cuppa, this smart little machine could be hacked and held to ransom, used to gather your personal information, conduct espionage or used in a botnet to attack global businesses. For example, the Mirai botnet attack saw 100,000 IoT devices infected across 164 countries, the botnet was used to attack major brands such as Netflix, Twitter and Etsy.
Have your IoT Cake and Eat It Too
It’s understandable to be concerned about these IoT stories, and you should be. However, it’s possible to enjoy the features and benefits of IoT whilst being secure, you just need to take precautions with your devices. Follow our tips to get the best of IoT without compromising your security.
1) Only connect to what is necessary: Your smart fridge will be able to order groceries online as you run out. What it does not need access to is your databases and network file shares- ripe pickings for a potential hacker. Reduce the risk your IoT devices pose by only connecting them to the relevant places.
2) Password security: Unsurprisingly, a great deal of IoT security breaches have arisen via the same means as many other Internet security breaches – insecure passwords. Lots of IoT devices will come with a default password and attackers will find these online easily. If you don’t change the password that comes along with your device then you are inviting an attack from a hacker.
3) Update often: Regardless of the type of IoT device, the software behind it will eventually contain a flaw that needs to be fixed. The vendor will then update the software to rectify this, however you will need to make sure your device auto-updates are switched on so that it is able to update itself when it needs to and remain secure.
4) Disable redundant features: Many vendors will have all features turned on and ready to go as soon as the device is out of the box. However, with each feature you could be providing a different window through which a hacker can attack. We advise that you disable as many features as possible that will not affect what you want to get out of the item in question. Review what you need and disable any extras you don’t.
Have you bought an IoT device and has a security problem? Do you often change the passwords for your devices? Which items are you looking forward to this Christmas period?