There is nothing to fear from Internet Of Things (IoT) devices inherently, but with any internet connected device there are security concerns. Today there are already two times as many connected devices on the planet as there are people alive. Being safe online is second nature to many of us, but when it comes to IoT the security standards are not always so simple.
More than 60% of adults in the US own at least one connected device and nearly all of them are currently connected to the internet. From Alexa to Smart TVs, many would agree that IoT devices are the future of connectivity, but is security able to keep up? The hard truth is that, though IoT devices are trendy and high tech, they are designed to be that way, often at the expense of security measures. Universal Plug and Play Protocol, or UPnP, may be convenient, but the automatic process is only so quick because it doesn’t require any authentication and can be done remotely. Default passwords from manufacturers may facilitate device setup, but it’s common for users to forget to set their own passwords once their device is up and running. Unsecured devices run a high risk of being attacked which can result in stolen private data, interference with financial transactions, and can even stop your device rom working completely until a ransom is paid, of course.
Concerns grew so bad in fact that in September 2015 the FBI stepped in with a warning to all IoT users. As it was increasingly clear that consumers want the latest tech available, but aren’t necessarily aware of the risks, the FBI’s notice implored users to be aware of the risks and take necessary precautions to protect not only their devices, but the data stored within those devices as well. Just one year later these fears were realized. October 2016, hackers launched a sustained assault on Dyn, the company in control of much of the world’s DNS infrastructure. The Mirai malware bot was able to infect computers and IoT devices using default passwords. The result two times more powerful than any previous attack, shut down huge portions of the internet including everyone’s favorite websites, and ended up being the largest DDoS attack ever. Because hacks to IoT devices are harder to detect and paired with lower security standards, cyber criminals can easily gain access and spark a chain reaction of breached devices.
So what does it take to keep devices secure in the face of so much danger? Knowing is half the battle. Simple precautions like making sure your WiFi password is strong, disabling UPnP connections on routers, and setting your own, unique passwords for every device is a good start. Being aware of from which manufacturers you are purchasing devices from and making sure they have a good track record of security standards is also a must. Staying up to date with manufacturer released security patches and updates can help your device run smoothly, and also patch over any bugs that create holes in the security system. Finally, just knowing your network, the people sharing it, and the devices connected to it could mean the difference between a secured network and an unsecured network; even one device breached can put them all at risk. However, there is only so much that individual users can do; real security improvement must come from industry-wide standards.
Someday IoT could connect every device on the planet, but before we can entertain this possibility security is going to have to keep up. How do you keep your IoT devices secure? Take a look at this infographic for more on the current state if IoT, the persisting security concerns, how to avoid cyber attacks, and how IoT security is shaping the future of connectivity.