IoT Devices - Security Challenges
While the term itself might seem abstract or something that only a super tech savvy person would understand, it is quite common and most people already own one if not more of these devices. They do make our life less complicated, after all who doesn’t want a coffee machine that knows what time it is, and prepares us coffee, but with these technological advances there are also many security concerns. So let us explain what an IoT device and what you need to know to better protect yourself against people with malicious intent.
What are IoT devices ?
An IoT (Internet of Things) device is any device that can connect wirelessly to other devices but can’t really be considered or used as a computer. They come in many forms and sizes, like a pacemaker, a thermostat, a car, or a smartwatch, these can be home appliances and these devices have different types of software or sensors implanted in them to be able to connect and exchange data between them.
These devices are by no means “new” they have been in existence for many years a good example of this is an ATM, since these are considered to be one of the very first IoT devices and as you know ATMs have been in existence since the 1970s.
If these devices aren’t new, then why all the big fuss you may wonder. Well it is true that they aren’t new, but the amount of people and different sectors that are using these devices have been growing exponentially, and here lies the problem. These devices don’t have security as their main concern and this is bad, because if we are using and integrating these devices in our daily lives, the possibility of these devices being misused or used to get a “foot” into your network is a real possibility.
Security concerns with IoT devices
It is estimated that by the year 2020 there will be 13.5 billion IoT devices. We have seen how some hackers have been able to connect and remotely drive cars, we just recently seen how the FDA (Food and Drug Administration) had to recall pacemakers because they feared that they were susceptible to hacks and needed firmware updates. These are just two examples on how serious this problem has become, not only that but last year we were witness to the Infamous IoT Botnet that through a Distributed Denial of-service attack (DDoS) temporarily brought down twitter, Netflix, Pinterest and some other sites.
This information is not meant to scare anyone, although it should, the objective here to inform people on the real security threats these devices pose. There are a couple of things that people can start doing right now to lower the risk of becoming a victim.
Short term ways to minimize the threat of these devices
Just because your Television can connect to the internet, doesn’t mean that you should, or if you need to use it, it is always a good idea to disconnect it from the internet as soon as you are done. Always making sure that device is updated with the latest firmware is crucial to your security. UPnP (Universal Plug and Play) is common because it allows for devices to be discovered without having to configure them individually, however this protocol has many known flaws and is among the many ways, a hacker can get access to your internal network by piggy backing through these more vulnerable devices, so this option should always be turned off. The fact is that it “should” be the developers job to make sure that security is their top priority when creating them, but until this happens it is our responsibility to make sure that we control the access these devices have.