TopPins

Cyber Hygiene and the IoT: What Everybody Needs To Know About Security

Do you remember the sound of the Internet? If you grew up in the 90’s, you might remember the robotic song of a 56k modem as it tried to establish a connection, a vestige of a simpler times and emerging technologies. There were fewer people online, which meant fewer products sold and less money and assets flowing over the web — which, in turn, meant a less dangerous online space.

Nowadays, things are entirely different. You don’t have to dial into to the internet anymore, because it can be accessed from your mobile phone. In fact, Pew Research estimates that nearly nine-in-ten Americans are online today, up from about 50 percent at the beginning of the millennium. This says nothing of the periphery ways in which all of us are connected to and affected by the Internet such as when we are treated by hospitals reliant on connectivity, or when we’re affected by Russian hacking and meddling in our elections.

We’ve entered an era where cyber-ignorance is no longer acceptable. Ransomware alone has caused 15 times more damage than two years ago, causing $5 billion in damages in 2017, while Robert Gottliebsen, writing for The Australian, predicts that “we will look back on the last year as the beginning of an era where the increasing threat of cyber warfare will become greater than the threat of nuclear attack.”

The IoT: If You Don’t Know, Now You Know

One of the biggest changes between now and yesteryear is that just about everything is connected to the internet anymore. Seriously, refrigerators, toasters, coffee machines, houses — if you throw the adjective “smart” before any of these nouns, you’ll have a modern day appliance that connects to the web. The advanced network of smart devices is part of what’s called the “Internet of Things” (IoT), and they include your phone, your fitbit, and anything else connected to the Internet via an interface or even just a small sensor.

The benefits of this IoT are many; for example, the simple of addition of internet-connected digital signage to hospitals has been shown to both increase employee productivity and increase patient happiness, while IoT-connected drones promise to revolutionize everything from package delivery to agriculture and farming. Unfortunately, with great benefit comes great risk. Everything connected to the internet is the possible target of a cyberattack.

Not only are hospitals at risk of illegally divesting electronic health records (EHR) in the event of a breach, they’ve increasingly become the targets of ransomware attacks all over the world due to the critical nature of their electronic infrastructure to patient survival. To top it off, millions of average citizens suffered from IoT-connected device hijacking in late 2016 as the Mirai botnet switched on to begin a DDoS attack against Dyn, causing widespread internet outages throughout North America and some of Europe.

It’s no wonder that we’re seeing so many more breaches nowadays, though. Information is valuable, and hackers will go to great lengths to exploit that. In fact, the dark web has shown us that hacking as a service is definitely on the rise. This means that even if the average criminal doesn’t know how to get to your information, you bet your bottom dollar that they can easily hire somebody who can.

The point is, we’re not in Kansas anymore. No matter who you are, it’s likely your life is integrated in some way with the IoT. That includes if you ever use GPS on your phone or benefit from online banking. All of us are connected nowadays, and we need to start acting like it matters.

Cyber Hygiene: From Reactive Security to Proactivity and Preparation

Larry Magrid, a contributor to Forbes, wrote in 2014 five words that ring just as true today as they did then: “your cyber hygiene affects others.”

“Cyber security is a shared responsibility. Internet companies and brick and mortar merchants can do their part by shoring up the security of their networks and payment systems,” he writes. “Government can educate the public and enforce anti-cyber crime laws. Businesses can make sure that they have strong security processes in place, including making sure their employees use strong passwords and everyone can play an important role by securing our devices and being sure that our passwords are strong and unique.”

Maryville University’s Online Cyber Security program offers this guide for creating a strong password, advising users to avoid inclusion of birthdays, SSN, network names, or “QWERTY”/”AZSXDCF” keyboard patterns. Unfortunately, while users might be trying to protect themselves, what they need to understand is that not all IoT devices are inherently secure.

That’s right — some manufacturers have failed to establish adequate security protocols in the devices that they’re selling. The cameras that the Mirai botnet piggybacked off of back in 2016 have been recalled, and even IoT baby monitors have been compromised, with parents walking into their child’s room only to hear mysterious voices of hackers on the other end, sometimes saying lewd and lascivious things.

So, what can be done to stay safe on the Internet of Things?

Some countries have proposed new cybersecurity laws, while individuals and corporations have suggested investments in AI to help shore up cyber security. What’s for sure is that while they are doing their part, you also need to do yours by staying diligent.

Learn what ransomware is, and what phishing emails look like. Look up the most common ways people get infected and avoid falling victim to them, and begin following safety protocols that you learn and that you develop on your own.

It may have been possible in the past to rely on others to protect you from malicious cyber threats, but those days are long gone. You are the last line of defense when it comes to IoT security. Make sure you stay sharp.