Just about a week ago, a large-scale distributed denial of service (DDoS) attack knocked out a host of popular websites and mobile apps, including Twitter, Reddit and CNN.com, causing major outages throughout the day. It was later revealed that the attack was aided by commandeering Internet of Things (IoT) devices like smart speakers, DVRs and baby monitors, which were easily taken over because many of these devices’ easily accessible, default passwords had never been changed.
Despite this massive attack, many internet users still have not realized the roles they play in keeping our Internet of Things secure. In fact, it’s fairly common practice for most people not to change the default passwords on their home routers, connected appliances, fitness trackers or other smart devices, leaving their digital doors open to hackers and other cybercriminals.
Connected devices are advancing at a rapid rate, with projected growth of more than 2.5-fold by 2020, IoT devices are the fastest growing in the category. A new ESET/National Cyber Security Alliance (NCSA) survey reveals that 56 percent of consumers own up to three devices – not counting computers or smartphones – that connect to their home routers, with 22 percent having between four and 10 additional connected devices and three percent owning more than 10. Additionally, nearly one in four respondents (24%) reported using an app from their mobile devices or computers to remotely access or control devices in their homes.
Undoubtedly, increased connectivity is unlocking new potential for the future of our businesses, communities and way of life. However, while IoT will provide us with tremendous benefits and convenience – like allowing us remotely access, monitor and control our cars, fridges, coffee makers and a range of other connected technology in the home – it will also pose enormous security and privacy challenges.
The Internet of Me
IoT is fueled by personal information and function – for example, fitness trackers use location, movements and data about weight, diet and exercise to help inspire healthier choices – and smart thermostats learn household habits and temperature preferences to keep families comfortable. This ever-growing universe of IoT is really evolving into an Internet of Me, which is why it’s important to consider several factors before adopting an additional device into one’s digital mix. Important factors, such as knowing how to keep devices secure, understanding what type of data is being collected, trusting where it’s being stored and evaluating these conditions alongside the advantages offered by an IoT-enabled device, must be addressed.
As many consumers recently discovered, there are some things – like kids’ toys or even bedroom devices – that you might not want to connect to the internet. When it comes to online safety, we encourage people to STOP. THINK. CONNECT., but when it comes to IoT, remember, “STOP., THINK., should I connect”?.
National Cyber Security Awareness Month – recognized annually in October – is coming to a close, but our shared responsibility to promote a safer, more secure and more trusted internet continues every single day. NCSA provides free online safety resources, tips and advice year-round. Check out staysafeonline.org and stopthinkconnect.org to learn how you can better protect yourself and your personal information as you connect to the world around you.
NCSA recommends following these online safety tips to enjoy the countless benefits of cutting-edge tech with more peace of mind:
- Learn how to maintain the cybersecurity of your IoT devices: Protecting smart devices like wearables and connected appliances might be different than securing your computer or smartphone; research the process for keeping IoT devices secure before you purchase them and take measures to safeguard your devices over time.
- Pay attention to the WiFi router in your home: Routers are likely the access points for many IoT devices to the internet. Use a strong password to protect your router, keep it up to date and name it in a way that won’t let people know it’s in your house.
- Keep clean machines: Many IoT devices connect through mobile device apps. Keep them up to date. You may need to update the software on your mobile device as well to keep it secure.
- Own your online presence: Understand what information your devices collect and how it’s managed and stored. Additionally, before adopting a new smart device, do your research to make sure others have had positive experiences from a security and privacy perspective.
- Lock down your login: Fortify your online accounts by enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device. Your usernames and passwords are not enough to protect key accounts like email, banking and social media.