The FBI has a rather different approach towards the Internet of Things, saying that users should deal with IoT devices with caution; otherwise they should keep it off the internet. In a Public Service announcement issued last week, the law enforcement agency discussed the potential security risks of using interconnected devices such as smart light bulbs, connected cars, smart fridges, wearables, and other home security systems. The PSA included network connected printers as well as fuel monitoring systems.
According to the PSA’s list of IoT risks, cybercriminals can take advantage of system and human vulnerabilities by exploiting these weaknesses with IoT’s deficient security capabilities and patching difficulties. The FBI also cited that the lack of consumer awareness can open windows of opportunities for attackers to not only execute online attacks, but threaten the physical safety of consumers as well.
It’s Not Just Smart Devices or Home Security Systems Anymore
Since the conception of IoT, we’ve seen several incidents that involved attacks on smart home systems and devices, and the prevalent smartification process could only mean new security challenges. With the new developments in public-facing technologies, risks and actual attacks aren't limited to IoT devices, and are becoming widespread among public utilities as well.
Car hacking, or the exploitation of vulnerabilities in new built-in automotive smart systems, has become an eye-opening reality for many security researchers and consumers. According to German security specialist Dieter Spaar, vulnerabilities in the BMW ConnectedDrive technology could allow attackers to gain control of vehicles and enable them to remotely access related function apps.
Last July, vehicle security researchers Chris Valasek and Charlie Miller demonstrated how a Jeep Cherokee’s brakes and other critical control systems can be remotely controlled by anyone with an internet connection. According to Valasek and Miller, they can easily take control of the vehicle by sending data to its interconnected entertainment system and navigation system via a mobile phone network. In response to this, Chrysler announced the recall of 1.4 million vehicles that may be affected by the security hole.
As if hacking vehicles isn’t enough, attackers have also begun targeting healthcare devices, traffic light controls, and energy or industrial systems like gas-tank-monitoring systems. Last month, Trend Micro published a research paper that discussed the possible risks that internet-facing components could come up against. It was noted that the type of attack would depend on the sophistication of the systems, as less complex ones can limit what attackers could do.
The real-world implications of these incidents and findings highlight the lack of security surrounding interconnected devices and prove that attackers are scaling more security walls within the IoT landscape.
How We Can Prepare for IoT-related Risks?
While smart devices and systems are making life easier for its users, the steady adoption of the Internet of Things and the integration of more smart systems into critical infrastructures are making many industries and consumers more vulnerable to attacks—possibly with life-threatening repercussions. With cybercriminals looking past desktops and mobile devices, consumers must be more careful when it comes to the security of internet-connected devices and systems.
While we look to law enforcement agencies to help fight against possible attacks, we must remind and teach ourselves about the risks and dangers of insecure devices and systems. In addition to the tips in the article entitled “What to Consider When Buying a Smart Device”, here a few more ways to improve the security of your devices against possible IoT threats:
Enable all security features on all smart devices
Always update the device firmware
Use secure passwords
Close any unused ports on devices and routers
Utilize encryption for all networks and devices
Like it? Add this infographic to your site: 1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).