sb-nz logo
Story image

Top tips to minimise security risks from your IoT devices

27 Feb 2019

Article by Trend Micro APAC consumer senior director Tim Falinksi

Homes are more connected now than ever before.

The average household now has 27 smart devices, and many tech-savvy users now send out the directive ‘Hey Google’ or ‘Hey Alexa’ multiple times a day, maximising this technology for everything from watching TV, adjusting the home lights or opening a garage door.

As more and more homes adopt these new devices, the relatively limited security on them has made them an attractive target for cybercriminals.

With little in place to prevent unauthorised access, many criminals see them as an easy way to gain access to home networks.

Globally, Trend Micro saw almost one billion possible attacks on home networks (879,306,356) in 2018.

Possible attacks are high-risk events that are closely related to threat activity, and can include potentially unwanted programs such as adware or grayware, inbound and outbound attacks. This means attacks going from home to Internet, or Internet to home, were seen in huge quantities throughout the year.

Passwords and cryptomining topped the list of possible attacks, with cybercriminals making the most of devices that are often running in the background to cash in on the cryptomining boom. Locally, iPhones topped the list of targeted devices, along with the usual targets – PCs, Macbooks and Androids.

While common household devices like routers and printers weren’t as common targets, making up eight per cent combined, they’re evidence of an increasing trend towards less-obvious points of entry.

Here are some steps for how users can minimise these risks while continuing to embrace smart devices:

  1. Rename your network

Many people don’t rename their Wifi network once it’s up and running, but if you’ve got a distinguishing feature in it – like ‘The Smiths’ Wifi’, then now is the time to choose something different. Selecting an obscure name makes it harder to be identified.

  1. Change the default

Devices such as routers and printers often come with a default password that many don’t realise need to be changed. Update all of these passwords since cybercriminals often use them as an easy point-of-entry into a network. Ensure these are strong passwords, with a unique mix of letters, numbers and characters.

  1. Stay up-to-date

Keep your software up-to-date on all devices – no more pressing ‘Remind me later’. The latest updates will include patches that fix common bugs, preventing cybercriminals from exploiting these to get access to your devices. Most companies stop providing support for dated versions of iOS, so it pays to ensure an operating system is still fully supported with regular updates.

  1. IoT audit

Conduct an audit of all the IoT devices that are connected to the network. How long have they been used? Are they still fully supported by the manufacturer? If they’re outdated models and no longer functioning as well as they should be, consider upgrading the devices to a newer model.

Story image
IT professionals destroying end-of-life hardware over fears of data breaches - report
IT directors are destroying end of life tech hardware as opposed to erasing its data out of fear of making a mistake and facing data breaches.More
Story image
Entrust acquires HyTrust, with aim to improve data encryption solutions
Entrust says the acquisition will bolster its effort to deliver data protection and compliance solutions to its customers, while accelerating their digital transformations.More
Story image
App security not keeping up with rapid development — Radware
“With more than 70% of respondents reporting that their production apps have already left the data centre, ensuring the security and integrity of these data and applications is becoming more challenging, particularly in multi-cloud environments.”More
Story image
IronNet expands Asia Pacific presence with new strategic partnership
“The combination of M.Tech’s extensive network in Asia Pacific and our unparalleled expertise in threat intelligence and detection will help more enterprises across the region to proactively identify and take down known and unknown threats before they happen.”More
Story image
First AML awarded Privacy Trust Mark
“First AML conducts regular, detailed staff privacy and security training sessions and employs regular third-party audits that go above and beyond what is required by law."More
Story image
Malware vendors look to marketing to spread Android RAT
What happens when an Android malware vendor teams up with a marketer? It turns out the answer is quite a lot.More