Securing a device on a network is not hard. It starts with some basic practices, like changing passwords from the default when you first install a device, and changing them periodically after that. It also involves regularly updating your device software, applying patches to close holes that hackers can take advantage of.
The rapid advances in technology have created a huge market for Silicon Valley, and those that piggy-back off of them, to try and turn our homes into something resembling the town of Eureka. Doorbells with cameras you can answer from your phone. Garage doors and coffee pots that you can turn on and off by using an app. Thermostats that can be remotely controlled. Millions of dollars can be made selling these things to Americans craving convenience.
And yet security experts have warned that these devices are inherently dangerous. Some devices cannot be patched, meaning that any holes found by hackers can be exploited forever. And how much information can these devices give away? Say you use an app connected to your thermostat to start cooling down the temperature in preparation for your arrival home from work at the same time every day. Because this information travels over your network, anyone can see it…which means that anyone can know when you will be home and when you aren’t. Creepy to think about, isn’t it?
So why aren’t these devices more secure? For two reasons: One, ordinary users aren’t exactly the best when it comes to practicing cybersecurity. Despite numerous warnings and reminders after every hack, users are still using weak passwords, and the same passwords for multiple accounts. They also aren’t changing their default passwords on their new IoT devices. Users bear some clear responsibility to start thinking about the security of the devices they use.
The second reason: Because ordinary users aren’t demanding security in their devices, the companies that make them don’t prioritize security. Companies who design and sell these devices could do more to make them secure. They could require users to change a password from the default when they install a device. They could demand strong password criteria, or prompt users to change passwords on a regular basis. Companies and device makers also bear responsibility for the insecurity of the IoT.
After the events of last week, we’ve now seen exactly how much damage the insecurity of the IoT can do.
After Years Of Warnings, Internet Of Things Devices To Blame For Big Internet Attack — Fast Company
Hundreds of thousands of cameras, routers, and DVRs have been hijacked by malware for use in massive denial of service attacks. Hundreds of thousands of cameras, routers, and DVRs have been hijacked by malware for use in massive denial of service attacks.On Friday, a series of massive distributed denial of service attacks disrupted access to…