SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Top tips to minimise security risks from your IoT devices
Wed, 27th Feb 2019
FYI, this story is more than a year old

Homes are more connected now than ever before.

The average household now has 27 smart devices, and many tech-savvy users now send out the directive ‘Hey Google' or ‘Hey Alexa' multiple times a day, maximising this technology for everything from watching TV, adjusting the home lights or opening a garage door.

As more and more homes adopt these new devices, the relatively limited security on them has made them an attractive target for cybercriminals.

With little in place to prevent unauthorised access, many criminals see them as an easy way to gain access to home networks.

Globally, Trend Micro saw almost one billion possible attacks on home networks (879,306,356) in 2018.

Possible attacks are high-risk events that are closely related to threat activity, and can include potentially unwanted programs such as adware or grayware, inbound and outbound attacks. This means attacks going from home to Internet, or Internet to home, were seen in huge quantities throughout the year.

Passwords and cryptomining topped the list of possible attacks, with cybercriminals making the most of devices that are often running in the background to cash in on the cryptomining boom. Locally, iPhones topped the list of targeted devices, along with the usual targets – PCs, Macbooks and Androids.

While common household devices like routers and printers weren't as common targets, making up eight per cent combined, they're evidence of an increasing trend towards less-obvious points of entry.

Here are some steps for how users can minimise these risks while continuing to embrace smart devices:

  1. Rename your network

Many people don't rename their Wifi network once it's up and running, but if you've got a distinguishing feature in it – like ‘The Smiths' Wifi', then now is the time to choose something different. Selecting an obscure name makes it harder to be identified.

  1. Change the default

Devices such as routers and printers often come with a default password that many don't realise need to be changed. Update all of these passwords since cybercriminals often use them as an easy point-of-entry into a network. Ensure these are strong passwords, with a unique mix of letters, numbers and characters.

  1. Stay up-to-date

Keep your software up-to-date on all devices – no more pressing ‘Remind me later'. The latest updates will include patches that fix common bugs, preventing cybercriminals from exploiting these to get access to your devices. Most companies stop providing support for dated versions of iOS, so it pays to ensure an operating system is still fully supported with regular updates.

  1. IoT audit

Conduct an audit of all the IoT devices that are connected to the network. How long have they been used? Are they still fully supported by the manufacturer? If they're outdated models and no longer functioning as well as they should be, consider upgrading the devices to a newer model.