{"id":15368,"date":"2019-05-22T06:00:01","date_gmt":"2019-05-22T14:00:01","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/05\/22\/news-9117\/"},"modified":"2019-05-22T06:00:01","modified_gmt":"2019-05-22T14:00:01","slug":"news-9117","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/05\/22\/news-9117\/","title":{"rendered":"Keep Your Smart Home Safe: Here\u2019s What You Can Do Today to Secure Your Products"},"content":{"rendered":"

Credit to Author: Trend Micro| Date: Wed, 22 May 2019 12:59:05 +0000<\/strong><\/p>\n

The Internet of Things (IoT) is transforming the way we live, work and play. You can find it in the fitness trackers you might be wearing to monitor step count and heart rate. Or the car you may be driving. But more than anywhere else, you\u2019ll see IoT at home in an increasing array of gadgets: from voice-activated smart speakers to internet-connected baby monitors.<\/p>\n

It\u2019s estimated<\/a> that 14.2 billion connected \u201cthings\u201d like these are in use globally in 2019, which will rise to 25 billion in a couple of years\u2019 time. There\u2019s just one problem: if not properly secured, they could present hackers with new opportunities to sneak into your smart home through the cyber-front door.<\/p>\n

So what are the risks\u2014and how can you protect your home?<\/p>\n

Governments take action<\/strong><\/p>\n

First, some good news: as consumers\u2019 homes fill with ever-greater numbers of smart gadgets, governments are aware of the growing risks of cyber-attacks. In the US, California is leading the way with new legislation<\/a> designed to force manufacturers to improve the security of their products. SB-327<\/a><\/em> introduces minimum requirements such as forcing each user to set a unique device password the first time they connect.<\/p>\n

Following hot on the heels of the Golden State is the federal government. Introduced in March, the bipartisan Internet of Things (IoT) Cybersecurity Improvement Act of 2019<\/a><\/em> doesn\u2019t cover all IoT makers, only ones which sell products to the government. However, it is hoped that the law will have a knock-on effect with the wider industry, encouraging other manufacturers to raise their standards.<\/p>\n

But it\u2019s not only the US that is making moves to safeguard IoT users. The UK in May introduced a proposed new law<\/a> designed to force manufacturers to adhere to key security requirements, covering things like unique passwords and security updates. In addition, retailers will only be allowed to sell devices with a clear label telling consumers how secure they are.<\/p>\n

While Trend Micro welcomes any government moves to make smart home gadgets more secure, the truth is that it will take a while for these laws to take effect\u2014and even longer for them to have an impact on the firms designing and building our connected devices. The US federal proposal will require a separate standards body to hunker down and draw up its requirements first, which could take months. There\u2019s also a risk that when new laws take effect, the hackers will simply move on to use new tactics not legislated for.<\/p>\n

That\u2019s why consumers must act now to secure their smart home. Below we list some of the key threats and how to take action.<\/p>\n

What\u2019s the problem?<\/strong><\/p>\n

The more smart gadgets there are in your home, the greater the number of potential targets for hackers. Devices could be hijacked if attackers manage to guess or crack the passwords protecting them, or exploit flaws in the underlying software (firmware) that runs them.<\/p>\n

This is made easier because some devices don\u2019t require a user to install a password; they simply run with an easy-to-guess factory default. Many manufacturers also don\u2019t issue regular updates (patches) either, or if they do, it\u2019s hard for users to find out about and install them. And unlike your laptop\/desktop and mobile devices, these IoT endpoints are typically too small to install AV on, further exposing them.<\/p>\n

Finally, it\u2019s not just the devices themselves that are at risk, but also the complex, underlying automation systems<\/a> that link them together behind the scenes. This complexity creates gaps that bad guys are adept at exploiting.<\/p>\n

So, to simplify, there are three main threat vectors facing home networks:<\/p>\n\n\n\n\n
<\/td>\n1) Physical danger<\/strong><\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Devices could be remotely controlled by attackers to surveil the family. For example, by hijacking feeds from smart security cameras, or other sensors around the house such as smart door and window locks, burglars could work out when the property is empty. They could even remotely unlock doors or windows, if these are internet-connected \u2014 for example by cloning the owner\u2019s voice and playing commands via your home assistant.<\/p>\n

Cases have been reported in the past of hackers remotely monitoring smart homes. In one incident, a baby monitor was hacked<\/a> and used to broadcast threats to the parents; while more extensive hacks of home security cameras have had their video content streamed online<\/a>.<\/p>\n\n\n\n\n
<\/td>\n2) Data loss and malware<\/strong><\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

These same devices are also a potential gateway into the home network, which could allow hackers to grab passwords for your key online accounts like banking and email. Any data they collect on you can be sold on the dark web and used for future identity fraud. The router<\/a> is in many ways the digital gateway to your smart home \u2014 the place where all your internet traffic passes through. That makes it particularly vulnerable to these kinds of attack. As well as data theft, hackers could be looking to spread malware such as ransomware and banking trojans.<\/p>\n

One major router threat spotted in 2018 was VPNFilter<\/a>\u2014information-stealing malware which infected at least half a million routers globally by exploiting vulnerabilities in the devices.<\/p>\n\n\n\n\n
<\/td>\n3) Hijacked devices become botnets<\/strong><\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

In another scenario, your smart home gadgets and router are hijacked and remotely controlled not to install ransomware or steal data from your family, but to use in attacks on others. Typically, they become part of a botnet of controlled machines which are programmed to do the bidding of the hackers. This could range from launching denial-of-service (DoS) attacks on businesses to illegally mining for crypto-currency.<\/p>\n

The most famous example of this kind of attack came in 2016, when the Mirai campaign<\/a> managed to hijack tens of thousands of IoT devices by scanning for any exposed to the internet and protected only with factory default passwords. In an infamous attack<\/a>, it managed to take out a key online provider, resulting in outages at some of the biggest sites on the internet, including Twitter and Netflix.<\/p>\n

What to do next<\/strong><\/p>\n

All that said, there are some simple steps you can take today to help reduce your exposure to IoT threats. It should begin with taking time out to understand how your devices work. Are they password protected? How are they updated? Are they running unnecessary services which may expose them to attackers? A bit of research before you buy and install them will also go a long way to keeping you safe.<\/p>\n

Here are a few best practice tips to get you started:<\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • Change factory default passwords to strong and unique credentials.<\/li>\n
  • Switch on two-factor authentication for even more log-in protection, if offered.<\/li>\n
  • Regularly check for firmware updates and apply as soon as they\u2019re available. This may require you to visit the manufacturer\u2019s website from time-to-time.<\/li>\n
  • Use WPA2 on your routers for encrypted Wi-Fi.<\/li>\n
  • Disable UPnP and any remote management features.<\/li>\n
  • Set up a guest network on your router, which will help protect your main network, its devices and data, from network worms and other malware inadvertently introduced by guests.<\/li>\n
  • Protect your computers and smartphones with AV and only download legitimate smart home apps.<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

How Trend Micro can help<\/strong><\/p>\n

Trend Micro is here to offer you peace-of-mind when it comes to protecting your smart home. The first step is diagnostic: download our Housecall\"\u2122\" for Home Networks<\/a> tool to check your network. It will run a comprehensive scan on all your smart home gadgets, highlighting any vulnerabilities and other risks, and providing helpful advice for keeping your network and devices secure.<\/p>\n

Next up, install Trend Micro Home Network Security<\/a> (HNS) for comprehensive protection on all your home devices. It blocks dangerous file downloads and malicious websites, protects your personal\/financial data from theft, and will keep ransomware, phishing and other threats at bay. HNS provides instant threat notifications, lets you disconnect any unwanted devices from your network, and offers full control over your devices from your Android or iOS smartphone with the paired HNS monitoring app.<\/p>\n

Watch our Trend Micro Home Network Security videos<\/a> to find out more about how HNS helps protect your network.<\/p>\n

The post Keep Your Smart Home Safe: Here\u2019s What You Can Do Today to Secure Your Products<\/a> appeared first on <\/a>.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Trend Micro| Date: Wed, 22 May 2019 12:59:05 +0000<\/strong><\/p>\n

The Internet of Things (IoT) is transforming the way we live, work and play. You can find it in the fitness trackers you might be wearing to monitor step count and heart rate. Or the car you may be driving. But more than anywhere else, you\u2019ll see IoT at home in an increasing array of…<\/p>\n

The post Keep Your Smart Home Safe: Here\u2019s What You Can Do Today to Secure Your Products<\/a> appeared first on <\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10789,21841,21842,21843],"class_list":["post-15368","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-consumer","tag-home-network-protection","tag-home-networks","tag-smart-homes"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15368","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=15368"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15368\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=15368"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=15368"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=15368"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}