Photo by Dan Nelson on Unsplash
In the broadest sense, the Internet of Things (IoT) refers to all those appliances, apps, and gadgets that are connected to the internet. But it also primarily means those that are embedded with software and other technologies that allow you to exchange data with other devices via the internet. These smart devices are usually found around the home, for example, doorbell cameras, temperature devices and home voice controllers such as Amazon and Google.
These gadgets and apps are created to make our homes smarter and our lives easier. However, they do come with their own set of challenges. These connected devices can actually leave your data and your home vulnerable to cybercriminals. As such, you need to have a plan for securing these. Essentially, if you have a connected home (or even office) you need to have additional security measures in place to protect it.
That being said, you shouldn't let these risks put you off buying and using these devices because they can be very useful. In this guide, we offer our top cybersecurity tips for keeping your smart devices and your home safe.
How your smart devices could be vulnerable to attack
While smart devices are very high-tech, they can also offer multiple points of entry to criminals and new ways for them to get hold of your data. And these can be things you might not have even thought of.
To give you a better understanding of the ways in which the IoT and smart devices could make you vulnerable, we’ve put together some examples. By educating yourself on the possible threats your devices could pose, you can better protect yourself from these risks. Consider the following scenarios:
- You set your heating to go off when you leave for work in the morning and come back half an hour before you get home - this lets criminals know when you're in and out.
- Using ransomware, hackers could get into your tablets or laptops and demand a ransom to get your system working again, of course, there’s no guarantee they’ll let you regain access.
- Someone could hack into your digital assistants or home voice controller and find out your passwords, shopping habits or financial information.
Now, this is by no means an exhaustive list but keeping these sorts of threats in mind, we’re now going to look at seven ways you can make your smart devices more secure and protect your personal data.
1. Change the name of your router
Your Wi-Fi router will come with a name from the manufacturer which usually gives clues about the make or model. This might not seem a lot, but this could be enough to help hackers get access to your network. As such, you need to change the name to something that has no personal identifiers. For example, don’t give it your last name or the name of the street you live on. Instead, keep it unusual and unique.
2. Create a guest network for visitors
It’s best to keep your Wi-Fi account private and instead let visitors and friends use a separate network that isn't automatically linked to your IoT. A guest network means they can use your devices but with limited access, this reduces the risk of them connecting to you with an infected device or accidentally giving away access to your information.
3. Use strong encryption for your Wi-Fi
You should always encrypt your network regardless but especially when you have multiple smart devices connected at any one time. You can do this by going to your router settings and using an encryption method such as WPA2 when setting up Wi-Fi access. This will help to keep your connection and communications safe and secure from hackers trying to intercept your network.
4. Make sure you have a strong password policy in place
You need to make sure that you're using strong, unique passwords for your Wi-Fi and all your different devices/accounts. Try to avoid using the same password for everything as this can make it much easier for cybercriminals to hack and once they have access to one thing, they’ll have access to it all. And you should NEVER use the default password. Many criminals already know most of these and could therefore hack into your device much easier.
You should also avoid using any passwords that are going to be very obvious such as the word ‘password’, 12345, your first name, or your date of birth. Instead, make it more secure by using a mixture of upper and lower-case letters, numbers, and special characters. If you're worried about remembering all your passwords, perhaps consider investing in a password manager to make things easier for you.
5. Check all the features and settings on your devices
Your IoT devices will always come with default privacy settings so you need to make sure you check what these are when setting up your account. That way, you can consider changing them and adding additional security features to your devices. You should also disable any features that you don't use or that could potentially give access to your information. These might be features such as automatic sign-in, location tracking, or remote access. As a general rule, if you don't need it, it’s best to disable it.
6. Keep your software and your devices up to date
It can be inconvenient when the manufacturer sends you a software update but it’s vital that you install it as soon as possible. This is because the update may offer patches for security flaws that could otherwise leave you vulnerable. If you haven't been sent a software update in a while, you can always look online to see if there is one available.
Similarly, you should regularly audit the IoT devices on your home or office network and keep this updated. In doing so you might find upgrades and new features that offer stronger security features.
7. Avoid connecting your smart devices to any public Wi-Fi networks
Last on the list, if you plan to use your smart devices outside your home or office (or even in your home but not connected to your Wi-Fi), it’s best to avoid connecting to unsecured public networks. If you must use a different internet connection when out and about, it’s a good idea to get yourself a Virtual Private Network (VPN) to help keep your connection secure and your information safe.
About the Author:
Stuart Cooke, Marketing Manager at Evalian.co.uk. They are data protection and cyber security consultants that help businesses become more secure online.
- Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
- Blog2022.12.13What are the Common Security Weaknesses of Cloud Based Networks?
- Blog2022.10.12Vulnerability management with Wazuh open source XDR
- Blog2022.08.29Deception Technologies: Improving Incident Detection and Response by Alex Vakulov
- Blog2022.08.25Exploring the Heightened Importance of Cybersecurity in Mobile App Development by Jeff Kalwerisky