Computers and smartphones that are connected to the Internet must be protected accordingly – most people know that by now. However, not all users are aware that smart TVs, webcams, printers and other IoT devices can also pose a security risk, according to the National Cyber Security Center (NCSC). The center therefore provides a range of measures to protect smart devices smartly as well.
Passwords
After purchase, most IoT devices are protected with a default password. The NCSC recommends that you set your own password immediately when you first start up – the more complex, the better. What makes a password not only strong, but also secure, you can read here. If possible, users should also secure their smart devices with two-factor authentication.
Security updates
IoT device manufacturers provide security updates when they become aware of a vulnerability. Of course, these updates are useless if owners of Smart Fridge and co. do not install them. As a result, the NCSC advises, “Make sure IoT devices are up to date and always apply updates promptly.”
Internet access
There are many cyber crooks and threat actors on the Internet. Therefore, IoT users should ensure that their devices are not accessible via the Internet unless their use requires it. If, on the other hand, access is required, it is imperative that other security measures be taken, such as using a VPN connection for Internet access with the device, according to NCSC. Another method, he said, is to use an IP address filter or geo-IP filter to restrict access from the Internet.
But who would hack my refrigerator?
With the right tools, it is possible for any person to track smart devices over the Internet without much expertise or effort. The Shodan program, for example, makes it possible to find devices and systems connected to the Internet, which is why it is also considered a “search engine for IoT,” as the NCSC explains. Shodan scans IP addresses connected to the Internet for open ports and analyzes the results. These are entered into a database, which the user can search for specific keywords and filter according to criteria, according to the statement. The database can be searched for terms such as “webcam or smart TV”. Shodan presents the results along with additional information such as IP addresses and ports. That makes it even more important to adequately secure all devices, according to NCSC.
Source: https://www.swisscybersecurity.net/cybersecurity/2023-04-21/beruechtigte-hackergruppe-lockbit-tueftelt-an-ransomware-fuer-den-mac