Securing Connected Home Devices

"IoT security" is considered an oxymoron by some, yet basic protection measures are available, though rarely used by home users.

That’s why Japan sought to secure IoT devices before the 2020 Summer Olympics in Tokyo, to avoid malware like Olympic Destroyer and similar attacks. The government requested employees of the Japanese National Institute of Information and Communications Technology (NICT) to hack into people’s IoT devices by using password dictionaries and default passwords.

The result of this Japanese initiative should have been a list of unsecured IoT devices so that the authorities and Internet service providers could take measures to secure them. What followed was public backlash.

On the other side of the universe, on July 16, the European Commission launched an IoT antitrust competition. Following this initiative, Germany, South Korea, and the United Kingdom developed policies to mitigate the harmful impact of IoT security vulnerabilities.

Governmental efforts only highlight the problem, but the solutions must come from the tech industry itself. “IoT security” is considered an oxymoron by some, yet basic protection measures are available, though rarely used by home users.

Immediate fixes

When Japan raised the specter of hacking consumer IoT devices, it addressed the most common mistake users make, namely keeping the default passwords or using the same password for multiple devices and accounts. Once leaked, the password gives access to the full ecosystem of the user’s accounts, including those related to their work.

A study by the password manager NordPass revealed that there are 10 billion records on the dark web ready to be picked up by bad actors. The first thing that needs to be done is to require employees to create unique passwords for each and every device they own. To avoid the hassle of remembering them all, using a password manager is the best solution.

Network security combo

VPN minimizes the problem of vulnerability when devices use unencrypted traffic. A VPN connection set up on the router protects the network against man-in-the-middle attacks. This makes targeted botnet and DDoS attacks much harder to launch, too. On the other hand, devices might become undiscoverable when trying to manage them outside the network.

A VPN can also prevent home devices from participating in botnet attacks. If you set up a VPN on your router, you can connect and secure any number of gadgets with a single device slot. Any device that connects to it will automatically be private on the Internet.

There is one category of IoT devices that should have a native VPN app on at all times: smart TVs. These days, TVs are used to access files in the cloud, shop online, or even participate in meetings. They store massive amounts of financial data. Attackers could use your smart TV to download malware or turn on your webcam. A VPN app encrypts online activities to keep online snoopers away.

As of now, there is no silver bullet, as it’s become impossible to track everything within such scattered peripheries, but these steps are a good starting point.

Advancing IoT technology

Verified Market Research estimates that the IoT market will be worth $1319.08 billion globally by 2026, at a CAGR of 25.68 percent. With technologies like digital twin, artificial intelligence, and 5G, it will receive a major boost. At least in the short term, IoT developers will focus on the core needs, such as health and safety as well as equipment monitoring.

AI-powered IoT might expect another stimulus coming from the European Union, as it’s planning to force tech companies to open up their data to European SMEs that use their platform for doing business.

This is a very significant trend to follow as, if it succeeds, the EU will lay the foundation for other countries to follow suit, as they did with the introduction of the GDPR.

As of today, IoT is moving towards edge computing. More data is expected to be processed by the devices themselves or by local systems, rather than through a data center, which will be done for the sake of efficiency.

This means that IoT security will continue to be an evolving concept—and that security must be an integral part.


Latest Updates

Subscribe to our YouTube Channel