FBI warns on Internet of Things

Beth Anne Steele for FBI Portland:

Last week we talked about smart TVs—and how that built-in Internet connection can allow manufacturers, streaming services, and even hackers an open door into your home.

This week, we are looking at the larger Internet of Things (IoT). Basically, this means everything else in your home that connects to the world wide web. If you look at the holiday wish lists that your kids, spouse, and parents conveniently dropped on you last week at Thanksgiving — most everything on there probably makes the cut.

Digital assistants, smart watches, fitness trackers, home security devices, thermostats, refrigerators, and even light bulbs are all on the list. Add to that all of the fun stuff: remote-controlled robots; games and gaming systems; interactive dolls; and talking stuffed animals … well, the list seems endless.

What these all have in common is that they send and receive data. But do you know how that data is collected? And where it is going?

Another concern is that hackers can use that innocent device to do a virtual drive-by of your digital life. Unsecured devices can allow hackers a path into your router, giving the bad guy access to everything else on your home network that you thought was secure. Are private pictures and passwords safely stored on your computer? Don’t be so sure.

Here’s what you can do to build that digital defense:

• Change the device’s factory settings from the default password. A simple Internet search should tell you how—and if you can’t find the information, consider moving on to another product.
• Passwords should be as long as possible and unique for IoT devices.
• Many connected devices are supported by mobile apps on your phone. These apps could be running in the background and using default permissions that you never realized you approved. Know what kind of personal information those apps are collecting and say “no” to privilege requests that don’t make sense.
• Secure your network. Your fridge and your laptop should not be on the same network. Keep your most private, sensitive data on a separate system from your other IoT devices.
• Make sure all your devices are updated regularly. If automatic updates are available for software, hardware, and operating systems, turn them on.

As always, if you have been victimized by a cyber fraud, be sure to report it to the FBI’s Internet Crime Complaint Center at ic3.gov or call your local FBI office.

Source: FBI.gov

MacDailyNews Take: Here’s even better advice: If it’s not certified HomeKit-compatible, don’t use it.

Use a HomeKit‑enabled router as the foundational layer of security for your smart home. HomeKit routers can firewall off each of your accessories so even if one were to be compromised, it wouldn’t be able to access your other devices or personal information. You can use the Home app to control which services your HomeKit accessories can communicate with in your network and on the internet. Leading manufacturers like Eero, Linksys, and Charter Spectrum have announced support for HomeKit‑enabled routers.

Find out more about HomeKit here.

Here is a list of HomeKit IoT devices: https://www.apple.com/shop/accessories/all-accessories/homekit

11 Comments

  1. I use the “Guest Network” feature on my router to connect things on the WiFi. This prevents someone gaining access to my home network through those type of devices. At least I think so. Things are always changing.

  2. Why the F do I need a refrigerator that’s connected to the internet (or many other such devices)?

    Do we really need, or are we greatly benefited by the “Home-Kitted Life?” Ironically, such a life is more “fettered” and not aided at all.

    All of these “advancements” act to actually curtail my “need” to be connected. Living at the end of a long dirt road with lots of fresh air, beautiful things all around and not “connected,” sounds better each day.

      1. I’ve lived for decades and no refrigerator I’ve ever owned has died. Losing power is a different story. In addition, buy fresh foods and you’re not likely to lose hundreds of dollars of food.

        Living life with such “insurance/protections” is living a life with a lot of fear and, or extra complexity. It’s a life with a back-up for thing we own/do. Might as well add a back-up for the back-up and a back-up for that as well?

  3. Of course, the BEST way to go is a 100% pure wired LAN, with a hidden network. I’m about half-way there. I turn off the Verizon wireless in the router. Run CAT6 to my Apple Airport, and then have a hidden network wireless and other devices LAN to the Airport. That said, I’m working on all-wired devices, no wifi. This may prove problematic with AirPlay to Apple TV, but not sure that isn’t just a peer-to-peer setup?… Hmmm. As you can see, a ways to go, but getting there.

    1. You are wasting your time with a ‘hidden’ network. These are trivial to sniff. You can even use off the shelf tools to do that (Acrylic Wi-Fi Professional, Airodump-ng, Kisemt being a few of many)

  4. dear FBI sirs, why then did you (and other dudes in the government ) want to push so hard for devices including phones, PCs and servers to have backdoors ?

    WIRED 2013:
    “the FBI wants a more wiretap-friendly internet, and legislation to mandate it will likely be proposed this year.”

    (is it because like all forms of Government the left hand doesn’t cooperate with the right? Investigative branch wants easy tap devices, cyber crime wants more security ? )

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.