sb-nz logo
Story image

Top tips to minimise security risks from your IoT devices

27 Feb 2019

Article by Trend Micro APAC consumer senior director Tim Falinksi

Homes are more connected now than ever before.

The average household now has 27 smart devices, and many tech-savvy users now send out the directive ‘Hey Google’ or ‘Hey Alexa’ multiple times a day, maximising this technology for everything from watching TV, adjusting the home lights or opening a garage door.

As more and more homes adopt these new devices, the relatively limited security on them has made them an attractive target for cybercriminals.

With little in place to prevent unauthorised access, many criminals see them as an easy way to gain access to home networks.

Globally, Trend Micro saw almost one billion possible attacks on home networks (879,306,356) in 2018.

Possible attacks are high-risk events that are closely related to threat activity, and can include potentially unwanted programs such as adware or grayware, inbound and outbound attacks. This means attacks going from home to Internet, or Internet to home, were seen in huge quantities throughout the year.

Passwords and cryptomining topped the list of possible attacks, with cybercriminals making the most of devices that are often running in the background to cash in on the cryptomining boom. Locally, iPhones topped the list of targeted devices, along with the usual targets – PCs, Macbooks and Androids.

While common household devices like routers and printers weren’t as common targets, making up eight per cent combined, they’re evidence of an increasing trend towards less-obvious points of entry.

Here are some steps for how users can minimise these risks while continuing to embrace smart devices:

  1. Rename your network

Many people don’t rename their Wifi network once it’s up and running, but if you’ve got a distinguishing feature in it – like ‘The Smiths’ Wifi’, then now is the time to choose something different. Selecting an obscure name makes it harder to be identified.

  1. Change the default

Devices such as routers and printers often come with a default password that many don’t realise need to be changed. Update all of these passwords since cybercriminals often use them as an easy point-of-entry into a network. Ensure these are strong passwords, with a unique mix of letters, numbers and characters.

  1. Stay up-to-date

Keep your software up-to-date on all devices – no more pressing ‘Remind me later’. The latest updates will include patches that fix common bugs, preventing cybercriminals from exploiting these to get access to your devices. Most companies stop providing support for dated versions of iOS, so it pays to ensure an operating system is still fully supported with regular updates.

  1. IoT audit

Conduct an audit of all the IoT devices that are connected to the network. How long have they been used? Are they still fully supported by the manufacturer? If they’re outdated models and no longer functioning as well as they should be, consider upgrading the devices to a newer model.

Link image
How to head off a rise in DDoS attacks
Many businesses invest in costly DDoS mitigation and protection solutions, but few test them. NCC Group tests all environments and is one of only two AWS DDoS Test Partners. Claim 10% off your next DDoS service today.More
Story image
Why organisations should wise up to the DDoS extortion trend
While it is essential to have a DDoS mitigation solution in place, it’s also important to test that it works as expected, writes NCC Group director of technical security consulting for Asia Pacific Tim Dillon.More
Story image
Video: 10 Minute IT Jams - protecting data with user behaviour analytics
In this video, Forcepoint senior sales engineer and solutions architect Matthew Bant discusses the company's DLP solution, the importance of integrating compliance into security solutions, and why cybersecurity strategies should take a more people-based approach.More
Story image
Research: Younger cybersecurity pros more fearful of being replaced by AI
According to the findings, 53% of respondents under 45 years old either agreed or strongly agreed that AI and ML are a threat to their job security, despite 89% of this demographic believing that it would improve their jobs.More
Story image
Average person has 100 passwords - study
The average user has about 25% more passwords compared to earlier this year.More
Story image
Microsoft takes legal action to disrupt botnet and combat ransomware
Microsoft has announced it took action to disrupt a botnet, Trickbot, one of the world's most infamous botnets and prolific distributors of malware and ransomware.More