Safer internet day 2018- admirable goal, but impossible to achieve without considering IoT Security
“Safer internet day 2018” was celebrated on February 6th. It was an opportunity to stop and think about all the things that make our connected world great and how to ensure it remains so. In recent years, the awareness of the risks involved in the use of internet, social media platform, mobile devices and wearables has risen to a point where almost everyone knows the basics of cyber hygiene.
We are taught to choose complex password, not to share intimate details online and to buy online only at respectable websites. We also know that lawmakers have invested a great deal in enacting laws and regulations to maintain our safety and privacy- such as the EU GPDR.
We are aware of the danger of theft identity, online bullying and denial of service attacks on our personal devices and corporate networks and websites. But the connected world is changing, and our perception of it should change too. Not too long ago, “The Internet” was a place you “went to” to connect with people. You sometime literally walked to an internet café to get “Online”.
The Internet of Things changes, well- everything
But the internet revolution does not stop there- the “Things” around us are also becoming increasingly connected, and, like our smartphones, are “always on”. But the big difference is that unlike those physical devices (be it hand help or placed on a table), connected devices are embedded in our home and work environment (and cars, too). We buy them, connect them and forget they are even there. We also pay less attention to securing them, and this opens the door for malicious actors to exploit these devices. To date such devices have been exploited on a very basic level- hackers considered them small, connected and unprotected devices, and have recruited them to Botnets or used them for mining cryptocurrencies. But as more sophisticated devices will become the norm, hackers will also utilize their unique characteristics- they can record the audio and video of their surrounding (including your home), they can lock your doors or play with the temperature of you’re A/C.
Start educating now
This sounds alarming and it should be. But while we (as a society and parents) are doing a decent job educating the population (and our own kids) about the dangers and best practices of the internet, we fail to so when it comes to connected devices. My guess is that several more very high profile IoT attacks will do the trick and break the mental barrier that makes people feel safe around such devices. But you don’t need to wait until then. You can start by questioning the best practices of securing smart home IoT devices and ask your IoT service provider what are they doing to secure your connected device. IoT security solutions are now available and will be deployed very soon to boost security levels, but until then, and even after they are deployed, awareness and common sense will be required to ensure the true safety of the new interest.
Remember- from now on we cannot and should not differentiate between online security and safety and “offline” (yet connected) security and safety. Keep in mind you are always, to some degree, connected and monitored, and act accordingly.
Have a nice and secured day!