A growing number of devices are becoming the focus of security threats as the Internet of Things (IoT) becomes a reality.
While Symantec Security Response just confirmed via its analysis that recent reports of 100,000 home devices from entertainment systems to refrigerators sending spam is inaccurate, this is NOT to say that the Internet of Things (IoT) won’t be to blame for a cyber-attack in the near future.
What if your baby monitor was used to spy on you? Is it possible for a television to keep tabs on your viewing habits, or for your car to be hacked by malicious attackers? Symantec has written a blog post titled “The Internet Of Things – New Threats Emerge in a Connected World” on the potential security threats that have come about, even as IoT is in early stages.
One key example is a worm targeting computers running the Linux operating system that Symantec investigator Kaoru Hayashi recently discovered. The worm initially seemed nothing out of the ordinary – it leaves a back door on the infected computer, allowing the attacker to issue commands to it. Although computers are frequently patched, Hayashi found that devices such as home routers, set-top boxes, security cameras and industrial control systems were vulnerable as some vendors don’t supply updates, either because of hardware limitations or outdated technology, such as an inability to run newer versions of the software.
With the growth of Internet-enabled devices set to hit 50 billion by 2020, according to Cisco, these devices with the relative lack of security maybe one of the key targets of cyber attackers in the near future.
Users of Internet-connected devices are strongly advised to follow the best practices listed below:
- Perform an audit of owned devices. Just because a device does not possess a screen or a keyboard, does not mean that it is not vulnerable to attacks.
- If a device is connected to a home network, there is a possibility that it accessible over the Internet and thus needs to be secured.
- Pay attention to the security settings on any devices purchased. If it is remotely accessible, disable this feature if it is not needed. Change any default passwords to something only you know. Don’t use common or easily guessable passwords such as “123456” or “password”. A long combination of letters, numbers and symbols will generate a strong password.
- Regularly check the manufacturer’s website to see if there are updates to the device’s software. If security vulnerabilities are discovered, manufacturers will often patch them in new updates to the software.
Please visit this link to read the blog post in full, and do get in touch if you are interested in speaking to a Symantec expert about these threats:
- The security risks around the IoT
- Types of threats targeting IoT devices today and what we’ll see in the future
- Tips for preventing IoT cyber-attacks