Holiday Hacks: IoT Safety

The holidays bring joy — family, friends and new electronics!

Over the past few years, consumer electronics have brought a new wave of cyber threats. Infected security cameras, voice assistant, thermostats and a variety of other IoT devices have come under fire for vulnerabilities in their systems allowing hackers to access personal data and video recordings inside a home. Just recently, a hacker talked to the owner of an IoT security camera.

We here at NOVAM want to make sure you have a happy and safe Holiday and Happy New Year! Below you’ll find several security basics to help protect you against unwanted hackers.

1. Turn on Two-factor Authentication (2FA).

2FA is a process that enables a secondary layer to authenticate or allow access to an account. This could be a device, application, or websites. Turning on 2FA enables added security to help prevent against hackers. Two popular 2FA applications are Google Authenticator and Authy.

2. Update your new electronic devices.

The cool toys you receive during the holidays will make you smile. But, don’t forget to update them immediately. Manufacturer updates help prevent against known vulnerabilities in the firmware, software, and security protocols. The official versions can typically be found with a push notification to the device that alerts you of the update. In the case that a device doesn’t allow push notifications, you can typically find the most recent device firmware on the manufacturer's website.

3. Use different passwords to log in per device/account.

The most common mistake consumers make is to use the same password or username for multiple websites or devices. Sure, it’s convenient but dangerous. The number of login credentials data dumps is in the billions. Hackers use automated programs to go through credentials on websites and IoT devices in attempts to hack you. You can go a step further and use a password manager like Dashlane, LastPass, and many others. A quick search (password manager hacked?) will lead you to information if the managers have ever been hacked — a good sign not to use them.

4. Change default username/password.

Devices out of the box have default usernames and passwords. Do yourself a favor and change the credentials from defaults to something you’ll remember, but that isn’t “admin”, “password”, or “12345” to be safe (those are the most common username/passwords).

Remember to be security focused and safe this holiday season!