Wherever you have technology that is able to connect to a network, there is the very real risk of cyber-crime
The emergence of the IoT and the dawning of the Interconnected Home, is set to revolutionise the way we live our lives.
Connectivity between Internet-enabled devices will allow for previously unthought-of communication, as physical objects perform actions that see them interact with their environment. The possibilities are vast, with electronic appliances in the home embedded with the same technology you would likely find in your phone, or even your car.
Unfortunately, for every smart innovation, like the Rachio Sprinkler Controller [rachio.com/], you will also find an unnecessary application, such as Japan’s ‘Lixil Satis Integrated Toilet’ [www.lixil.co.jp/lineup/toiletroom/satis/smartphone/]. This particular invention connects with your mobile to control water flow and keep a record of your trips to the bathroom. I think, like most people, I can remember my trips!
Whether a clever invention or pointless absurdity, all IoT devices have the same main issue which makes them a threat to our homes and that is, their distinct lack of security.
Wherever you have technology that is able to connect to a network, there is the very real risk of cyber-crime. In most instances, an IoT object will be connected via Wi-Fi in the home, meaning that you can control them from an external source. Televisions, kettles and the home heating system all have the possibility to be accessed through a Smartphone application, where default passwords will have been given but rarely, if ever, changed.
The important thing to understand about your network, whether in the workplace or at home, is that once a criminal has access through one device, they can gain access to every device that is connected. By hacking your connected fridge [www.ibtimes.co.uk/ces-2016-samsung-showcase-internet-things-fridge-called-family-hub-1536010] for example, the hacker could potentially also gain access to the Smart Door Locks [www.postscapes.com/wireless-door-locks/] you have on the same network, putting your home security at risk. They are also only a single step from your PC too, meaning you are vulnerable digitally as well.
A corporate scenario would be an employee bringing a company laptop home from work, and connecting it to the same exposed network. All it would take is for a hacker to enable keyboard logging and they would then be able to track passwords, not only to your own private accounts, but also to those you might access for work purposes. Webcams too might be compromised, allowing the criminal to listen to and record private conversations where you share confidential information.
There is also a risk when you return that machine to work. If it has been compromised at home from an IoT hack and now connects to the company’s network, that network also becomes susceptible to hacking, and the whole company’s data put at risk.
With so many features of the home becoming connected, it pays to be more cautious. Alarm systems, CCTV and, as we have already highlighted, your door locking system are all devices that could potentially be accessed remotely. They may be highly convenient to you and your lifestyle, but you must understand the risks of convenience without the correct security protocol. When electronic appliances are installed and left with nothing more than their default password for protection, it is asking for trouble.
A common response is to dismiss the threat by asking ‘why would someone choose me?’ Why? Because all data has value. It might not be you whom the hacker wants at all but instead the people you know, or even who they know. We have seen hacks target people 6 to 10 times removed from the original hack.
Perhaps the most persuasive aspect of all of this is the ease with which a breach can actually occur. It doesn’t necessarily require a hacker sitting miles away, scouring the web for targets. Instead, an unsecured Wi-Fi network can be accessed by someone who is simply walking past your home. A criminal could drive around, ‘park-up’ beside a house with an unsecured network and begin to ‘wreak havoc’ with your devices.
So what can you do? If you must have an interconnected world, then firstly ensure all passwords are changed from the default and are complex. Secondly, ensure your Wi-Fi router is also set with a password (again not the default) and that encryption is enabled. On the router, check the connected devices on a regular basis and ensure you know what each one is. Then, in the event that a rogue device appears, you will see it immediately. Finally, take steps to add extra levels of data security to your network, such as two-factor authentication (www.digpath.co.uk/authlogics-pingrid), which strengthens passwords, or upgrade your Antivirus to a commercial product. This won’t be free but will have extra levels of protection. Of course the best security is always you. Think before you click.
The incredible leaps being made in technology, and IoT in particular, will have a staggering impact on our lifestyles. In almost every case, IoT devices and applications have been developed to benefit consumers and create a more seamlessly connected environment. Don’t allow these innovations to cause more harm than good as we fully embrace the new digital age.
Colin Tankard is MD data security company Digital Pathways which is a specialist in the design, implementation and management of systems that ensure the security of all data whether at rest within the network, mobile device, in-storage or data in-transit across public or private networks.