Are Your Toys Spying On You?
Welcome to the first CyberSafe alert of 2019. We trust you all had a
safe and prosperous holiday season and are looking forward to the rest
of 2019.
Accompanying the holiday season more often than not is a wide
variety of presents, and more likely than not these days, those presents
will be electronic is some form or other. That’s the focus of this post
holiday CyberSafe alert.
In the CyberSafe book
we talk about the Internet of Things (IoT), and how so many consumers
are not even aware of how many of their electronic goods are connected
to the internet in one way or another. Not only are they connected to
the internet, but a lot of these devices have wide open security that
allows them to be hijacked.
A recent case that clearly demonstrates this danger is that of the
British security consultant jailed for effectively taking a whole
country (Liberia) offline. He brought down Liberia’s primary telecoms
provider, by hacking into and using -ironically- cheap security cameras
with minimal password protection to send so much data traffic to the
telecoms company that their servers were overwhelmed. This example alone
should demonstrate how easy it is for an e-intruder to enter your home
by hacking into your shiny new presents. Think it can’t happen to you
because you don’t have cheap security cameras? Well, let me give you
some other examples:
The baby monitors transmitting a live feed onto the internet for all to see
Your childs smart teddy bear that can be hijacked
The car that allows hackers to take control of its systems remotely
The printers that were hijacked and used to gain access to small business networks
Once in control of a toy, a hacker could have access to your smart
TVs, mobile phones, computers, tablets, gaming systems, in fact
potentially anything connected to your families or your businesses
network.
But, here at the CyberSafe alert, we’re not interested in scaring
you away from all things electronic but in giving you actionable advice
to protect yourself. So here goes. Here are some things you can do to
protect yourself, your family, and your business if you have IoT
connected devices:
- Attach a security device like Bitdefenders Box or Winston to help protect your network
- Where possible, lock down IoT applications and operating systems. Just like any server, the device should have the absolute minimum of network services. Your smart TV may need to use DNS, but your smart baby monitor? Not so much
- Check your device documentation. If it allows you to change the default password, make sure you do. Most of these default passwords are either easy to guess or public knowledge
- Make sure that the contact information for all of your devices are up-to-date including an email address regularly used to receive security updates and related notifications
- Confirm all your devices and their mobile applications are set to automatic updating to help maximise protection. Review their sites for the latest firmware patches. If they are not automatically updated, follow the instructions to manually update them
- Review the privacy policies, and practices of your devices, including data collection and data sharing with third parties. Your settings can be inadvertently changed during updates. Reset as appropriate to reflect your preferences
- Review devices' warranty and support policies. If they are no longer supported with patches and updates, disable the device’s connectivity or discontinue usage of the device
- Before discarding, returning or selling any device, remove any personal data and reset it to factory settings. Disable the associated online account and delete any associated data
- Review privacy settings on your mobile devices including location tracking, cookies, contact sharing, bluetooth, microphone and other settings. Set all your device and applications to prompt you before turning on and sharing and data
Do these things and it will go a long way in keeping you safe from hackers. As we like to say at the CyberSafe alert - Don’t Be Scared; Be Prepared
Want a regular briefing about the newest Cyber threats? Subscribe to the Cybersafe Alert now!
If you can't wait for the CyberSafe Alert to tell you how to protect yourself online, get CyberSafe the book. It's packed with the useful information and strategies you need to keep yourself, your family, and your business safe online.
Disclaimer
Every effort has been made to ensure that the content provided in this newsletter is accurate and helpful for our readers. However, this is not an exhaustive treatment of the subjects. No liability is assumed for losses or damages due to the information provided. You are responsible for your own choices, actions, and results.
Every effort has been made to ensure that the content provided in this newsletter is accurate and helpful for our readers. However, this is not an exhaustive treatment of the subjects. No liability is assumed for losses or damages due to the information provided. You are responsible for your own choices, actions, and results.