The Internet of Things: More Vulnerable to Hacking Than You Think
The Internet of Things is here, now. It’s not the future. It’s not some far off point when we’ll live like the Jetsons. Chances are good that you already have several of these devices in your home right now. Your fitness tracker is part of the Internet of Things. Your web-connected home alarm system is part of the IoT. Your snazzy new connected thermostat is an IoT device.
On the surface, the Internet of Things is fantastic. These devices offer more functionality, more connectivity, and greater convenience. Who wouldn’t love the ability to adjust the thermostat or turn the lights on and off at home from their smartphone while they’re miles away? The utility and benefits of the IoT aren’t in question. What is in question is how secure those devices are, and by extension, your personal information and other connected devices.
The answer might surprise you — they’re not. An incredible number of connected devices have no protection whatsoever. That means they’re wide open for hackers, viruses and anyone interested in stealing your information and invading your privacy. It’s all too easy to hack these systems, too. You’ve probably heard about the hackers who penetrated the brand new Jeep Cherokee in 2015 and compromised it’s steering and performance. That’s just the tip of the proverbial iceberg.
How do you protect yourself and your family? Short of eliminating all connected technologies from your life, the only real way to go about this is to learn how vulnerable your system is. You should also answer some basic information about each device to determine whether a vulnerability here could be used against you.
What Information Is Stored on the Device?
One of the most important questions to answer is what information is stored on the device and whether it being hacked could put sensitive data into the wrong hands. Obviously, your laptop, desktop, smartphone and tablet probably contain a wealth of financial and personal information. But what about your fitness tracker? While a thief probably doesn’t care about your heart rate or how many steps you’ve gotten for the day, they could probably benefit from knowing your location (by accessing your device’s GPS0).
How Does Each Device Transmit Data and What Data Is Transmitted?
This is a big one — how does each device transmit data? If it’s transmitted via Bluetooth, such as from your fitness tracker to your smartphone, it’s pretty secure. However, if it’s transmitted through your home’s Wi-Fi, it’s not particularly secure. This goes double if the data isn’t encrypted. You’d be amazed at the number of devices out there that transmit sensitive information without any encryption at all. One brand of smart lighting actually transmitted the password to the wireless network without any encryption. You can’t risk that.
Does the Device Require a Password?
While passwords might be one of the least secure forms of protection, they’re at least a step in the right direction. If the device doesn’t require a password, it’s obviously not secured. However, if you’re using a device that comes with a default password that’s never been changed, you’re putting yourself at risk. You should also find out if the device offers intruder lockout after an incorrect password has been entered several times. This can provide additional security.
How Are Updates Handled?
Any IoT device will require ongoing updates to protect it against exploits. Any missing updates can compromise security, but how do you ensure that the device is receiving updates? Are there actually any updates available? What timeframe does the developer follow for rolling out those important patches? If your device isn’t being updated, or the manufacturer doesn’t offer ongoing patches, you could be putting your entire network at risk.
Has the Device Been Tested in DDOS Attacks?
All IoT devices should be tested to see how they perform under a variety of conditions, including in the event of a DDOS (denial of service attack). Has your device been tested? What were the results? Did the manufacturer do any testing at all? You might be surprised at the number of companies out there that are in such a rush to get their product to market that they fail to do their due diligence. This can put your information at grave risk.
When everything is said and done, you need to remember that any IoT device is the same as other networked systems. Your smart refrigerator poses the same risks and has the same vulnerabilities as your PC or laptop. It needs the same considerations in terms of protection. Of course, you can’t install antivirus software on your smart fridge, and your smart thermostat probably doesn’t come with a firewall of its own.
The answer to the safety issue posed by IoT devices is CUJO. Our unique system protects not just your laptop and PC, but every single device connected to the network, from your smart refrigerator to your lighting to your home’s alarm system, and everything in between. Simply put, if it’s connected to your network, it’s connected to CUJO. That allows you to ensure that a rogue device, or something as simple as a missing security patch on a connected device, doesn’t put your entire network at risk.
CUJO was developed to be a long-term solution to the rapidly growing concern about network security in the IoT age. It learns, it grows, and it updates to ensure that you have ongoing protection at all times. With CUJO, there’s no need to worry that a hacker could use an unprotected device as a springboard to penetrate the entire network, compromising your personal and financial information. It’s all protected, all the time.
Originally published at www.getcujo.com on February 24, 2016.