What Is the Best Approach to Prevent a Compromised IoT Device?


What Is the Best Approach to Prevent a Compromised IoT Device

We are all well aware by now that IoT is the next big thing in the world of automation, and it has taken the world by storm. You can see concepts of IoT being applied and its silent features being deployed in each and everything that we do in our daily life, rather knowingly or unknowingly. The fact of the matter is, that no matter where we are; no matter what we do; we are all data integers and are continually in the process of sharing data across everything that we communicate to. Consider the new 2019 model car that you had just bought? Yes, sir! That too is a part of the IoT platform and is one way, or another is sharing data with the manufacturer. I will not go into more details here, since the question we hand in hand is what and how can you ensure that your IoT device stays in its best shape and doesn’t get compromised by an infiltrator; in simpler words “A Hacker”.

Let me enlighten you, that IoT devices all around us are collecting data. That could also possibly include your personal data. So how do you protect it? Since if a hacker gets their hands on it, they can do whatever they deem fit with it. The underworld of the cybercrimes is on the continuous lookout for such information, and they certainly would go at any extent they deem appropriate when it comes down to the usage of this unauthorised data. Here in this article, I share with you the 6 top ways that you can exercise to ensure that your IoT devices remain safe from the hands of the hacker.

Who over here don’t know about the army of botnet that had been used in the famous Mirai attack. The Mirai cyberattack disrupted a vast sum of websites across the United States back in 2016. What shocks me the most is that even a kid’s toy such as a CloudPet can be used to act as a surveillance system for the prying eyes and the hackers, just because they found a loophole in the system of the CloudPet and could not possibly use it at their advantage? So it would be safe to assume that anything that has a camera and a microphone in it could potentially be converted into a remote surveillance system by a hacker, and gentlemen; this is just the tip of the iceberg.

With the continuous development in the field of IoT and with the gadgets and merchandises continuously being manufactured, it is of vital importance that we pay equal attention to safeguarding those assets of ours. And when I say assets, I mean our “DATA and INFORMATION”. Almost all the gadgets that we use daily are capable of knowing of our whereabouts, keeping a track on it and somehow are a permanent part of our lifecycle. A prime example is our smartphones? SCARY huh?

Let me take you through the steps that I have exercised in my own home and adapted these best practices regularly to ensure my information stays where it should be and not go into the hands of someone who it shouldn’t be in the first place.

Always Ensure To Have The Latest Firmware’s Installed

As I have repeated in numerous articles here at SmartNutter.com, please always ensure that you never miss out on any firmware updates your device offers you. Almost all of the smart devices you have incorporated into your life (and yes that also includes your smartphones); have an auto-update feature that saves you the headache and the time required to update it manually. Make sure that is always turned on. Periodically ensure that you check for the updates on your smart devices yourself too, to be sure. If you have a smart hub that interconnects all your devices, then even better. You can be notified of and when a new firmware upgrade is launched on a particular device and if the auto-update is configured; it would just alert you that the update has been successful and if required the device would now reboot for the changes to take effect.

Why are these upgrades necessary is a different article altogether! And honestly, I can compose a whole website dedicated to this particular topic. But for the essence of this topic, firmware upgrades are essential since they allow you to fix the vulnerabilities the developer has found and addressed in this new version.

Now, what if your particular IoT device doesn’t have an auto-updater? Oh No! It’s the end of the world. No sir! In this case, you need to make sure that you get onto the device and check for the latest updates manually. It sometimes happens that the manufacturer of a particular product hasn’t provided the option of an auto-update. Example of such gadgets is a smart dishwasher, a smart showerhead or even a smart car accessory.

The best way to always ensure that you at the top of the game is to ensure your devices are updated to its latest firmware at all times. Do not just google for “Latest firmware for XYZ” (where XYZ is your IoT device). Always ensure to download the latest patch from the official repository.

Ensure To Keep Strong Passwords

How would it sound that you deployed the best kind of a lock to the main entrance door of your house, but anyone easily finds the place where you kept the key. Not so bright eh! The same concept applies to the smart devices that you have in your ecosystem. Whenever you pick up a new shiny smart device for your home, the default username and password is mostly set to “admin” and the password to “admin” as well. This is to simplify gaining access to the device when the owner is initially setting it up. But that DOES NOT mean at any given stage that you should not change this password to a more non-generic one. A password should comprise of almost 16 characters with a mixture of upper-case, lower-case, special characters, and numerals. This would virtually make it impossible for a hacker to brute force their way into the device using the most convenient method of hacking. I’m not saying this is the only way for a hacker to gain access, but this is one of the most common ways.

Do not ever re-use the password you have set for one device, on the other device. This isn’t the best practice and leaves a massive loophole. Opening doors to a plethora of ways a hacker could gain access to your smart home.

Keep A Sperate Network for Your IoT Devices

If you are a tech geek, then you would know what a VLAN is. If you don’t know what a VLAN is, then Google is your best friend. Alright, do not just go away onto the other tab and start searching for the word “VLAN”. A VLAN is a dedicated network that is in-built into your current router. The benefit of creating a separate network within your existing Wi-Fi router enables your IoT devices to remain confined within that territory and do not interfere with other devices that are connected to it.

How does this benefit us? Right! Let us assume that a hacker gains access to one of your smart devices. Once that happens, the hacker has now the potential to gain access to your other devices that are connected on the “SAME” network. The emphasis is on the word “SAME”. This could include, your smartphones, your laptops and anything else that they deem fit. This significantly puts you at risk of losing your confidential details to your bank accounts and even credit card numbers to the hacker.

Having a segregated network (separate network) setup with-in your Wi-Fi router at home would allow your IoT devices to work within that segment. Therefore, if the hacker does gain access to one of your devices over the network, it would not allow them to access your other devices that are not a part of that Wi-Fi framework.

Thus, always ensure, to have a dedicated network for your IoT devices, and always keep your other devices connected to the other group (SSID) of your router, so that each does not overlap.

IoT Security Standards Should Always Be Considered

It may be tempting just to buy anything that is cheap and represents value. The urge to get your hands on the latest smart device and gadget is every smart home lover’s desire. But remember, each of these devices does connect to the internet and hence may pose a significant threat since each of the IoT devices which are not following the international security standards; does post a danger to your ecosystem.

Always ensure that you investigate and do your due diligence when it comes down to purchasing that new smart device you want. Go to their manufacturer’s website and read on the product and technical specifications. Find out if the device you are about to buy has a built-in PKI managed service? Read more if the device is TLS/SSL and encryption standards compliant? If not, then your best bet is to steer clear from such devices. It is not worth to risk your privacy and confidentiality just by picking up a smart device that is following the best security practices.

A lot is going on in the IoT world, and strict security standards are being launched to regulate the security and safety of each product that the manufacturer produces for the IoT consumer. The Internet Society Internet Engineering Task Force (IETF) is continuously pushing the manufacturers to follow a particular set of security standards for all the IoT devices that are being launched into the market. But unfortunately, the process of regulating such standard is still on-going and not everyone cares about adhering to them. Always keep your eyes open and read about the product before you spend your hard-earned money on it.

Say bye-bye to UPnP

UPnP stands for Universal Plug and Play. It is all hunky-dory when a device is labelled as UPnP, allowing you to connect out of the box and start functioning seamlessly. This is the worst thing you could do to your smart home network. I understand it is easy to remove the product from the box and with one push of a button, you can use the device as you intend it to. UPnP is the most vulnerable protocols that are still being followed by some manufacturers. Cybercriminals have exploited these particular protocol thousands of times in the past and would continually keep on doing so till the manufacturers of this specific protocol either do not completely revamp the way they approach embedding this protocol into their devices or this protocol stops completely.

The way a UPnP work is by trusting every router and device, you intend it to function with. It is like choosing a friendly Labrador dog to protect your house. When it is not capable of protecting your home. I love Labradors, don’t get me wrong there. But protecting your house is not the trait that is there is a Labrador.

I am not saying UPnP is junk, but you should like, always DISABLE it whenever you pick a device that claims to have (CONNECTS IN ONE CLICK) affixed onto the box. UPnP opens a lot of external ports on your router which is never a good thing.

Invest in A Physical Firewall for More Complicated IoT Setups

This is a tricky one people. To make it simple, there are two types of firewalls for any business or a home-user. The first one being software and the second one being a physical device.

A firewall serves as an inspector. It won’t allow anyone who the inspector suspects as a threat, to pass through. A physical firewall does the same. It not only protects your environment from a hacker but also protects from malicious viruses and malware at the same time. This greatly protects the way your devices communicate to the network and thus if any device on your network does get affected by a virus or a hacker, then the firewall doesn’t let the malicious code to spread throughout the rest of the network.

So, if you have a few smart lightbulbs then you probably could make your peace with installing a software-based firewall into your smart ecosystem. But if your IoT environment is a high-end one and has a lot of sensitive gadgets, then your best and the only way forward is to make sure you have a dedicated physical firewall installed and connected to your main router that supplies the internet to the rest of your devices over the network.

Conclusion

No matter what gadgets you are buying, no matter what security you deploy, no matter how good or bad they are; at the end, nothing beats just disconnecting the device completely when they are not in use. Afterall if the device is not powered on and has the cable removed from the wall socket, then there is no way a device could be used to the hacker’s benefit, and thus no further damage would be done.

My best advice to you would always be to disconnect the devices when they are not in use. Now wait, do not start removing power cables to your smart thermostats and your smart fridge, etc. Just exercise caution and keep the above 6 points in your mind when you buy and use the smart devices.

I would strongly recommend you read my article on the ultimate guide on smart home automation where I have covered every technique that you can use to convert your dumb home into a smart home.

Happy “Jetson” home people!

Sign

Zohaib S.

A technology enthusiast who has converted his home into a "JETSONS" edition.

Recent Content