Tuesday, 12 February 2019

CyberSafe Alert 2019 Edition 1


Are Your Toys Spying On You?
Welcome to the first CyberSafe alert of 2019. We trust you all had a safe and prosperous holiday season and are looking forward to the rest of 2019.
 
Accompanying the holiday season more often than not is a wide variety of presents, and more likely than not these days, those presents will be electronic is some form or other. That’s the focus of this post holiday CyberSafe alert.
 
In the CyberSafe book we talk about the Internet of Things (IoT), and how so many consumers are not even aware of how many of their electronic goods are connected to the internet in one way or another. Not only are they connected to the internet, but a lot of these devices have wide open security that allows them to be hijacked.
 
A recent case that clearly demonstrates this danger is that of the British security consultant jailed for effectively taking a whole country (Liberia) offline. He brought down Liberia’s primary telecoms provider, by hacking into and using -ironically- cheap security cameras with minimal password protection to send so much data traffic to the telecoms company that their servers were overwhelmed. This example alone should demonstrate how easy it is for an e-intruder to enter your home by hacking into your shiny new presents. Think it can’t happen to you because you don’t have cheap security cameras? Well, let me give you some other examples:
 
The baby monitors transmitting a live feed onto the internet for all to see
Your childs smart teddy bear that can be hijacked
The car that allows hackers to take control of its systems remotely
The printers that were hijacked and used to gain access to small business networks
 
Once in control of a toy, a hacker could have access to your smart TVs, mobile phones, computers, tablets, gaming systems, in fact potentially anything connected to your families or your businesses network.
 
But, here at the CyberSafe alert, we’re not interested in scaring you away from all things electronic but in giving you actionable advice to protect yourself. So here goes. Here are some things you can do to protect yourself, your family, and your business if you have IoT connected devices:
 
  • Attach a security device like Bitdefenders Box or Winston to help protect your network
  • Where possible, lock down IoT applications and operating systems. Just like any server, the device should have the absolute minimum of network services. Your smart TV may need to use DNS, but your smart baby monitor? Not so much
  • Check your device documentation. If it allows you to change the default password, make sure you do. Most of these default passwords are either easy to guess or public knowledge
  • Make sure that the contact information for all of your devices are up-to-date including an email address regularly used to receive security updates and related notifications
  • Confirm all your devices and their mobile applications are set to automatic updating to help maximise protection. Review their sites for the latest firmware patches. If they are not automatically updated, follow the instructions to manually update them
  • Review the privacy policies, and practices of your devices, including data collection and data sharing with third parties. Your settings can be inadvertently changed during updates. Reset as appropriate to reflect your preferences
  • Review devices' warranty and support policies. If they are no longer supported with patches and updates, disable the device’s connectivity or discontinue usage of the device
  • Before discarding, returning or selling any device, remove any personal data and reset it to factory settings. Disable the associated online account and delete any associated data
  • Review privacy settings on your mobile devices including location tracking, cookies, contact sharing, bluetooth, microphone and other settings. Set all your device and applications to prompt you before turning on and sharing and data
 
Do these things and it will go a long way in keeping you safe from hackers. As we like to say at the CyberSafe alert - Don’t Be Scared; Be Prepared


Want a regular briefing about the newest Cyber threats?  Subscribe to the Cybersafe Alert now!

http://www.expatpat.com/cybersafe-alert
https://my.sendinblue.com/users/subscribe/js_id/2kpcr/id/1

If you can't wait for the CyberSafe Alert to tell you how to protect yourself online, get CyberSafe the book.  It's packed with the useful information and strategies you need to keep yourself, your family, and your business safe online.

http://www.expatpat.com/cybersafe-book
http://www.expatpat.com/cybersafe-book 

Disclaimer
Every effort has been made to ensure that the content provided in this newsletter is accurate and helpful for our readers. However, this is not an exhaustive treatment of the subjects. No liability is assumed for losses or damages due to the information provided. You are responsible for your own choices, actions, and results.