Every home has at least one or more internet-connected device apart from laptops, tablets, and smartphones. These smart devices can be used by hackers to perform cyber attacks. Some real-world examples from the past are as follows:
- IoT devices (mostly IP cameras) being turned into an army of robots which are used to perform DDOS (Distributed Denial of Service) attack on DNS services like Dyn which made popular websites like Twitter, Amazon, Netflix, Airbnb, etc. offline.
- Ukraine Power Grid was taken off-line and impacting thousands of homes.
- A German Steel mill blast furnace being damaged.
The scope of attack surface is increasing. For e.g., a hacked coffee machine in your home or office can be used to access your home/office network and use it as a stepping ground to perform further cyber crimes. Network forensics in such cyber crimes will be then traced into the home networks of innocent peoples. So it is very important that you take the security of your smart devices with seriousness. Here is a brief overview of 9 important tips to protect you and your home network from hackers.
1) Change default settings/default passwords
Ensure that any access requiring authentication requires strong passwords. Do not use default passwords. There are automated scanners which scan the internet for devices with default passwords and try to exploit them. Review all default settings in the devices to ensure your privacy and to disable any unwanted features. Turn off Universal Plug and Play (UPnP) on your router, and on your IoT devices if possible.
2) Segmentation of network
You can create a separate network for your smart devices. Several routers allow you to create two separate networks. Keep your internet of things (coffee machines, refrigerator, washing machine, heater, IP camera e.t.c) on a different network than those who use for online banking and work. Segmenting the network makes it harder for hackers to take full control over your network from a compromised IoT device.
Read more on IOT security: Securing Internet of Things(IoT) – How a Connected Device may Risk your Life?
3) Keep firmwares of your IoT devices updated
Updated firmwares keeps the device safe from known security vulnerabilities which is used to gain unauthorized access to your smart devices by a remote attacker.
4) Avoid using an insecure network to access your smart devices
When accessing the smart devices from the internet, always use secure channels to access them (for e.g https interface over HTTP). Accessing via insecure channels allows an evil attacker to capture the network traffic and steal the credentials to access your devices. Never ever use an open wifi network to connect your smart devices. Try to avoid using internet connected devices which do not support wifi security. When accessing home network from a remote location, use of a VPN system to encrypt the connection to the home network is highly recommended
5) Disconnect devices which are not used from internet
If you are not using an internet-based feature of a device, do not connect it to the internet. For e.g., if you are using a printer via USB cable, do not enable or use the wifi connection built into it. A set top box used exclusively for watching broadcast programs need not be connected to the internet.
6) Be aware of what is connected
It is very easy to have internet connected devices sitting at the corner without being noticed. Keep track of all connected devices and make sure that all of them are configured and secured properly. Some examples are game consoles, media players, and anything with a microphone or camera, kids toys, digital photo frames, etc. Only network those devices which you really need to use.
7) Use a network firewall
A firewall helps to prevent hackers and malwares from reaching your connected devices over the Internet by denying unauthorized traffic. Use a device with a firewall or a modern router with facilities to protect the connected devices from the open internet. For example, It is advised to use a unified threat management (UTM) systems in place when you use several Internet-connected devices such as scanners, printers, TVs, printers, garage doors and thermostats in a home office setup.
8) Physical security
This is more important in case of small business. An innocent looking/covert device can be hooked into one of the open network ports on your connected devices to access and exploit the network remotely. So physically secure all similar situations on your devices such as routers, printers, multifunction devices, etc.
9) Do your homework before buying an IoT device
If you are trying to build a smart home or a network of IoT devices, it is advised to do it with a thorough security and privacy risk assessment. Invest on products which are built with security in mind which keeps encrypted communications and offers regular security updates.
You may be interested in reading: How to use Internet of Things (IoT) Securely? An Insight from Global Cybersecurity Thought Leader!