sb-as logo
Story image

Top tips to minimise security risks from your IoT devices

27 Feb 2019

Article by Trend Micro APAC consumer senior director Tim Falinksi

Homes are more connected now than ever before.

The average household now has 27 smart devices, and many tech-savvy users now send out the directive ‘Hey Google’ or ‘Hey Alexa’ multiple times a day, maximising this technology for everything from watching TV, adjusting the home lights or opening a garage door.

As more and more homes adopt these new devices, the relatively limited security on them has made them an attractive target for cybercriminals.

With little in place to prevent unauthorised access, many criminals see them as an easy way to gain access to home networks.

Globally, Trend Micro saw almost one billion possible attacks on home networks (879,306,356) in 2018.

Possible attacks are high-risk events that are closely related to threat activity, and can include potentially unwanted programs such as adware or grayware, inbound and outbound attacks. This means attacks going from home to Internet, or Internet to home, were seen in huge quantities throughout the year.

Passwords and cryptomining topped the list of possible attacks, with cybercriminals making the most of devices that are often running in the background to cash in on the cryptomining boom. Locally, iPhones topped the list of targeted devices, along with the usual targets – PCs, Macbooks and Androids.

While common household devices like routers and printers weren’t as common targets, making up eight per cent combined, they’re evidence of an increasing trend towards less-obvious points of entry.

Here are some steps for how users can minimise these risks while continuing to embrace smart devices:

  1. Rename your network

Many people don’t rename their Wifi network once it’s up and running, but if you’ve got a distinguishing feature in it – like ‘The Smiths’ Wifi’, then now is the time to choose something different. Selecting an obscure name makes it harder to be identified.

  1. Change the default

Devices such as routers and printers often come with a default password that many don’t realise need to be changed. Update all of these passwords since cybercriminals often use them as an easy point-of-entry into a network. Ensure these are strong passwords, with a unique mix of letters, numbers and characters.

  1. Stay up-to-date

Keep your software up-to-date on all devices – no more pressing ‘Remind me later’. The latest updates will include patches that fix common bugs, preventing cybercriminals from exploiting these to get access to your devices. Most companies stop providing support for dated versions of iOS, so it pays to ensure an operating system is still fully supported with regular updates.

  1. IoT audit

Conduct an audit of all the IoT devices that are connected to the network. How long have they been used? Are they still fully supported by the manufacturer? If they’re outdated models and no longer functioning as well as they should be, consider upgrading the devices to a newer model.

Story image
ESET launches the latest version of its Mobile Security solution
“With this latest version of ESET Mobile Security, we want to ensure our users feel completely secure when performing financial transactions on their devices, in addition to being protected from malware and phishing attempts."More
Story image
Emotet malware is on a rampage after months of silence
CERT agencies around the world are reporting a surge in cyber attacks related to the Emotet malware, which is being distributed by email.More
Story image
Proofpoint and CyberArk extend partnership to further safeguard high-risk users
“Our CyberArk partnership extension provides security teams with increased detection and enhanced adaptive controls to help prevent today’s most severe threats."More
Story image
Yubico launches latest YubiKey with NFC & USB-C support
Yubico has released a new hardware authentication key, designed to provide security through both near-field communication (NFC) and USB-C connections and smart card support.More
Story image
Report: 151% increase in DDoS attacks compared to 2019
It comes as the security risk profile for organisations around the world increased in large part thanks to the COVID-19 pandemic, forcing greater reliance on cloud technology and thrusting digital laggards into quick and unsecured migrations.More
Download image
Cryptography is everywhere - here's how to use it
The ubiquity of cryptography brings many business, operational and security challenges. Businesses today need to be able to react quickly to changing needs and roll out new solutions as fast as possible.More