Why Your IoT Devices Make You An Easy Target For Cybercrime
The internet has become a widely available and essential part of everyday life. More devices now exist with wi-fi capabilities and sensors—technology designed to make your business more productive and your home life more efficient.
We can turn our lights on or off or reset our thermostats with the tap of a touchscreen. We can stream our nanny-cam straight to our tablet and start our cars from the living room. There are fridges that sense when we’re out of milk and will order more and even connected medical devices that can help save lives.
This advancing technology allows connecting your devices together to be easier than ever but also poses significant threats to security.
Read on to learn more about the Internet of Things and the security concerns associated with it.
What Is The Internet Of Things?
The Internet of Things (IoT) refers to the connection of your devices, even beyond computers and smartphones. A few examples include:
- Coffee makers & other ‘smart’ appliances
- Home assistants (like Google Home or Amazon Alexa)
- Smart watches
- Cars with remote starters on smartphones
- Security cameras
These devices typically come with built-in electronics, software, and sensors. They are also assigned unique IP addresses, enabling them to connect, communicate, and exchange data with other machines. And because they communicate and exchange data with each other, they are all potential entry points for cyber-criminals to gain access to the entire IoT ecosystem.
The Internet of Things Security And Privacy Issues
With the ability to be more connected comes the Internet of Things device security concerns—each one is a potential entry point for cybercriminals. Think about it this way: you install anti-virus software on your computer (and maybe on your phone) but what about your thermostat, smart speaker, security camera, or even your toaster?
What Makes IoT Devices An Easy Target For Cybercrime?
1. Few security features
For ease of use, IoT devices have a lack of security features. Most of these devices don’t have the capacity to host anti-virus software—and manufacturers don’t offer consumers the option to upgrade or apply patches when there are issues. This leaves a massive gap in the network of any home or business with IoT connected devices.
Trustlook, a cyber-security firm based in San Jose, California, estimates 54% of devices have no added security and 35% of users do not change the default usernames and passwords, making these devices very easy targets.
2. Access to other devices
Another reason cyber crooks target these devices is that they make excellent jumping-off points—smaller, less secure IoT devices are a gateway to all sorts of information.
How much valuable data will a hacker get by infiltrating your home air quality monitor? Not much. But that point of entry can get them access to your home network, enabling them to steal private information like usernames and passwords, or even banking information.
If your smartwatch becomes hacked, how valuable is it for the hacker to know how many steps you took yesterday? Not very. But if you connect your smartwatch to your computer at the office, hacking that watch might give the attacker access to the whole company network.
If a person can hack into one of your lower-security devices, they have the potential to access so much more.
3. Opportunity for large-scale attacks
Once an attacker has access to a network of devices, they have the opportunity to launch botnet attacks. These attacks involve hackers installing and running malware on networks of private computers and devices connected through the internet. With such massive numbers of connected devices, the IoT offers a great opportunity for cybercriminals to launch these large-scale attacks—and can lead to devastating results (such as the Domain Name System Provider Disruption of October 2016).
The Future of IoT and Cybercrime
A study conducted by Trustlook estimates by 2020 the Internet of Things will have 25 Billion connected devices, with about 5 Million new devices added daily. While people tend to look at all the positive ways these devices impact our lives, the future poses even more Internet of Things security concerns. By 2020, 25% of cyber attacks will target IoT devices.
In the 2018 National Cyber Threat Assessment, the Canadian Centre for Cyber Security (CCCS) reported cyber criminals are shifting their attention from traditional computers to internet-connected devices in Canadian homes.The Centre predicts cyber attacks on Canadians will continue to rise at an alarming rate in the coming years.
By 2021, the cost of global cyber-crime may be $6 trillion annually—and it won’t just be about hacking your computer or your phone anymore.
How to Make IoT Devices Safer
Since no security standards currently exist, increasing the security of IoT devices begins with the manufacturers.
- The manufacturers calling for the introduction and implementation of security standards for connected devices
- Security tested during each phase of the development process so that any issues can be nipped in the bud before devices hit the market
- Including certification of standards with the product so the user knows the device is trusted
Once the device reaches the end user, they should not come with default passwords. Users should be required to enter their own unique credentials during the installation process.
5 Things You Can Do To Increase Security Of Your IoT Devices
Without standards regarding the type or level of security these devices need when manufactured, it can be difficult to know if your device is secure.
However, there are things you can do to increase the security of your connected devices to keep your sensitive information as safe as possible:
- Disconnect devices when not in use
- Make sure software for all devices are up to date (set to update automatically if possible)
- Manage privacy options to limit the amount of information devices share
- Use strong passwords or choose to use devices or applications that use one-time passwords or Two-Factor Authentication (2FA).
- Change the default login password on your home router and your Wi-Fi password regularly
Being vigilant is one of the best ways to help keep Internet of Things security issues at bay. Travel it with your eyes wide open—be aware of the risks and do everything you can to minimize them.
If you need help securing your home or business systems and devices, there is always a Nerd security specialist at your service.