At some point, the Internet of Things (IoT) will permeate through all of the devices and appliances we purchase for our home, similar to how 3D TVs were once ubiquitous despite the lack of consumer demand earlier this decade. You might not have a choice other than to purchase a “smart” fridge, an Internet-connected washing machine, or a WiFi enabled air-conditioner to replace your broken appliances.
The commoditization of putting a chip in things has created an explosive growth of smart devices and left us surrounded by a web of insecure things. The security of devices can only be described as idIOTic.
So, what steps can you take to protect yourself as our daily lives get assimilated into the Borg universe?
The first step is to accept that IoT devices are unlikely to receive timely updates and have a multitude of vulnerabilities that are either well known or will be discovered in the near future.
Every IoT device carries an unknown quantity of risk to your network and the Internet at large. The device itself could invade your privacy on behalf of an attacker or it could be used as a redirector or hop point to further compromise your network of personal computers or it could be used as a drone to participate in distributed denial of service (DDoS) attacks.
So how can you protect yourself, once you’ve accepted the insecurities present in IoT?
Step 1: Network Segmentation
IoT devices communicate with a controller service, which is typically a web based service managed by the device manufacturer or a local smart hub that relays all of the IoT communication.
In order to mitigate against the risk posed by IoT devices, we can deploy network segmentation to isolate the network activity of the device from the rest of the home network. (Read more...)
This is a Security Bloggers Network syndicated blog post authored by Jeffrey Tang. Read the original post at: Cylance Blog