Billions of fitness trackers, medical implants, surveillance cameras, home appliances, thermostats, baby monitors and computers in automobiles now are connected as part of a rapidly expanding “internet of things.”
But many such devices were developed without security considerations. As a result, they are prime targets for hackers.
Here are tips to protect your devices:
How do I know if I have an “Internet of things” device?
If you have a device that is capable of connecting to the internet or shares information over a wireless network in your home, it is potentially insecure and can be leveraged for a cyberattack.
Last month, hackers harnessed an army of 100,000 internet-connected devices around the world, such as DVRs and security cameras, to attack Dyn Co., which helps route internet traffic to its destination. It caused temporary internet outages to sites that included Twitter, PayPal, Pinterest, Reddit and Spotify.
Why should I care?
Hackers can penetrate devices to directly harm someone or to target critical infrastructure.
They can remotely disable a car, raise the thermostat on refrigerated foods, and toy with internet-enabled medical devices.
In the Dyn attack, hackers used the devices to flood the internet infrastructure company with data and knock it offline.
Such tactics also could be used against electrical and water systems, which are increasingly being put online to allow for remote operation.
What can I do?
Make sure you are aware of what you are connecting to the internet, and think about what is necessary.
That feature on your new bathroom scale that syncs with your phone is handy, but can you password protect it from getting hacked?
Any device that has the capabilities of remotely sending information elsewhere is vulnerable. Therefore, the software on that device and the network it connects to must be secured.
If a device comes with a default password, make sure you change it. You should also change the password on your wireless network at home. Use complex passphrases to ensure your device is not easily hacked.
The Dyn attack was made possible by devices with default passwords that were never changed.
Whom do I contact if I am worried about a device?
Contacting the manufacturer or vendor of the device may not always help.
This is especially true because innovation has frequently outpaced cybersecurity education.
The Homeland Security Department sends out public alerts about vulnerabilities through its US-CERT program that you can sign up for on its website .
You can also contact the department directly.
The Associated Press contributed to this article.Â
Rufus Bogardus says
The less time you’re web-connected, the less time you’re exposed.
Justin W says
In the wake of the Clinton email scandals everyone needs to change passwords on a regular basis. The passwords need to be complex enough they can’t easily be guessed. I have moved to 9-15 character passwords which are a combination of capital letters, small letters, numbers and symbols. I turn most of my devices off when they aren’t in use. Turning the device off saves energy and reduces the opportunities for hackers to try to access the device.
CJ says
That’s the price of our High-tech society
Road Runner says
Maybe we should simply disband the internet and it’s physical structure and start to be more self-reliant. Where, oh where, will these treacherous hackers EVER go when they no longer have ANY to defraud or rob blind? I wonder what these Looney Tunes ever did before we had an internet? Their lives must have been filled with boredom on an astronomical scale in order to have decided to take a genuinely GOOD and USEFULL tool and turn it into a CYBER WEAPON. Did ANYONE EVER DO ANYTHING THAT BAD TO THEM? If it was a legitimate criminal act that was committed against them. Why didn’t they make
criminal complaint and obtain justice the honorable and right way?