For the most part, the IoT (Internet of things) is awesome. It’s responsible for Google Glass, Fitbit, and a number of soon-to-be-developed smart items for your home and work life. Unfortunately, not all is rainbows and talking toasters in the world of IoT, as internet-connected devices are potential targets for hackers and other security threats. There’s no stopping the IoT, and let’s face it: why would we want to stop it, so it’s important to recognize the dangers and employ strategies to protect yourself.
More Data to Protect
IoT relies on data collection; for example, the Fitbit monitors your sleep and exercise patterns and creates easy-to-read charts that monitor your goal progress. Samsung’s “fridge of the future” promises to send spoilage and shopping lists to your cell phone, but what if one of these devices is harboring a corrupted file or malware?
If you download or transfer the virus, malware, or corrupted file you can corrupt other devices (computers, cell phones, etc.). Encryption can protect you, and rest assured cybersecurity companies will find a way to encrypt networks and protect your IoT devices. Until then, never transfer files without scanning them for viruses and always use a device like a Secure USB to transfer files from one device to another, as these flash drives are encrypted.
DNS Attacks and Hijacks
Imagine if your smart fridge started dispensing ice when you didn’t want ice… Or, imagine if your security alarm started sounding in the middle of the night, and it wasn’t even triggered… These are real possibilities if hackers are able to attack your DNS (domain name system).
Cyber criminals may not get more than a laugh out of causing your IoT device to go crazy, but they’re still going to exploit it. If it’s a device that collects personal information, such as your name and address, they have even more reason to attack it. One of the best things you can do to protect yourself is to identify your vulnerabilities and limit how your DNS responds.
InfoWorld recommends, “For internal DNS servers, make sure the only queries that your DNS responds to come from internal computers and other authorized DNS servers.” For home-based IoT devices, this information can be translated to the devices, servers, and computers located under your roof on your network. Also, password protect and hide your network.
Too Many Permissions
What if the IoT device itself causes the threat? That’s a very real possibility when the device starts to allow itself too many permissions. Attackers will be able to exploit those permissions, which could lead them further into your network and onto your other devices. The last place you want a hacker is on a tablet or computer, where you store your records, but that’s exactly where they’ll go.
You can protect yourself by limiting where you install the software for IoT devices. Maybe it’s best to forgo purchasing any IoT devices that require software, at the very least you should do a custom software install and ensure you’ve minimized all the software’s permissions.
The IoT isn’t going anywhere; in fact, the future promises everything (your bed, your clothes, your dresser, your shoes, etc.) will be connected in some way. Today, there are more than two billion mobile phones connected to the Internet, and by 2020 there will be 13 billion things in the home that connect to the Internet. That’s a lot of vulnerabilities, so do what you can now to be proactive about protecting yourself.