«

»

Aug 21 2013

Print this Post

Beware of those ‘always connected’ devices

Devices are becoming increasingly connected. Although this connectedness can improve the quality of our lives, we must still be vigilant to abuses from this technological advancemen  Our newest contributor, Sachin Ganpat, shares some tips on how we can better protect ourselves in this ever-connected world.

Imagine putting your baby to sleep and leaving her room. Later you hear the voice of a strange man coming from inside, saying lewd and derogatory statements. Sounds like a movie doesn’t it? Only that is exactly what happened to a Texas couple a few days ago. And no, it wasn’t a ghost, but a man who had hacked into the Internet connected baby monitor and was speaking through it.

The hacked monitor was probably not made secure by the owners, but how many of us know how to do that? What researchers have found when investigating similar vulnerable devices is that many of those devices were running without any security enable, using default administration credentials, or running an old, insecure version of the device software.

As the Internet of Things becomes more prevalent, there are more and more everyday devices being connected to the internet, and more and more risks that people are just not aware of. Such risks and threats are not confined to baby monitors, but also to home automation systems, smart energy meters, smart TVs, and even medical devices.

Many manufacturers do not think about security when creating their products. And to be fair, the baby monitor manufacturer from above has been known to have equipment with similar vulnerabilities. These devices are meant to be created cheaply and quickly.

So what can the typical consumer do to protect themselves?

  1. RTFM – Read the ‘Fine’ Manual. Ensure that you understand how the device works and how to configure it. Look particularly for security settings and how to get and install updated software for the device.
  2. Give it a secure password. If you can supply a different administration username, do it. Make sure to use a strong, secure password.
  3. Get and install the latest device software. Subscribe to updates from the manufacturer, if available, so that you can be alerted of any potential issues.
  4. Install the device behind a firewall if you can. Even small consumer firewalls nowadays come with some pretty good security features.
  5. Depending on how critical the device is, turn it off when not in use. Not only is the device most secure then, you also save energy.
  6. Create a Google Alert for the product name and model, and use keywords such as “security”, “vulnerability” and “risk”.
  7. Lastly, if you are unsure of anything, ask for help. Even the device manufacturers themselves may have support options available for you.

Internet connected devices are meant to provide convenience and make your lives easier. And they still can, once you take the appropriate steps to understand the risks of such technologies and protect yourself against them.

Stay safe out there…

 

Image credit:  Nutdanai Apikhomboonwaroot (FreeDgitalPhotos.net)

_____________

 

About the author

Sachin Ganpat

Sachin Ganpat is the founder of Interxect Services Limited, a company dedicated to helping Caribbean organisations and businesses do more with information technology. Follow him on twitter @sachin_ganpat or email him at sganpat@interxect.com.

Permanent link to this article: http://www.ict-pulse.com/2013/08/beware-connected-devices/

2 comments

  1. monie

    Informative article. I think people need to be sensitised on this issues as I think not many people are aware of or do not seriously the fact that these devices are connected. My colleague recently did a paper entitled “We find the fridge guilty”, it proved to be an enlightening one. The phenomena of the IoT is here to stay and we cant afford to not balance the convenience provided with protecting ourselves.

  2. Sachin Ganpat

    Quite right. IoT offers a lot of potential, from energy management to safer driving to my fridge telling me to change my water filter.

    I don’t know if sensitation is enough as proliferation of email malware shows us. What we need is manufacturers to have security by default. So your baby monitor cannot access the network until it has been setup with a username and password. Small changes can make the difference.

    And I hope you can share that paper. I looked for it but didn’t find it.

Comments have been disabled.