Security Tips

Shopping for IoT Devices this Christmas?

There was a time in the recent past when you could switch on the TV and watch your favourite program in a relaxed environment, without worrying that your TV could be the source of a cyberattack which could drastically affect you – from theft of your finances to rendering your household in pitch darkness.

Today, electronic devices are no longer stand-alone devices that perform one specific function, but instead are connected to other similar devices to form a network that will automate your home. We have smart speakers that connect to the internet and stream radio or music for you to enjoy, and we have smart robots which clean your floors whilst constantly online to make your life easier and let you connect to them from far far away to schedule cleaning times and even choose specific rooms if desired. There are also video surveillance cameras that keep a watchful eye on your property and at the same time stream the captured video on the internet for you to view remotely. Similarly, parents rely on baby monitors to ensure their children are safe – these devices are connected to the network as well.

These electronic devices, also known as Internet of Things (IoTs), have complex software programs which enable them to carry out their functions and enable connectivity. These are usually connected via your home network and since they have software embedded, they are vulnerable to cyberattacks. If these devices are compromised, the attackers would have direct access to your home network and all the devices that are connected to it, including your laptops, which are usually used to manage one’s online finances.

IoT-enabled cyberattacks are unfortunately a reality and not a fantasy. In July 2017 a casino in America suffered an attack and had its customer data stolen. The attackers managed to access the casino’s network through a vulnerable network-connected fish tank sensor that controlled the water temperature!

With the Christmas season finally here, many may be looking for an innovative electronic gadget to purchase as a gift or for themselves. It is very important that when acquiring such devices, one should also know how to securely install and maintain them. However, secure best practices do not often come with the instruction booklet, but will require some additional effort by the user. The following are some tips that one can follow to secure such devices:

  • Make sure that the device supports a user and password to access and enable it. Your chosen password should be strong and long, with a combination of capital letters, small letters, symbols and numbers, and be at least 12 characters in length.
  • Change the default password that came with the device. This is very important because an attacker can easily obtain a default password online.
  • Keep the devices constantly updated with the latest software updates to ensure that known weaknesses in the devices are corrected.
  • Whenever possible disable remote connectivity, especially for those devices that do not require remote management (such as TVs).
  • If remote connectivity is required, restrict the access to authorised users only.
  • Secure your home network (WiFi and wired) by installing and/or enabling a firewall to control the traffic that is being exchanged on your network.
  • Always enable and use communication encryption whenever possible to prevent easy data viewing from malicious actors.

By implementing these secure best practices, you can buy and use your state-of-the-art appliance with peace of mind.