How can we be sure that our devices and networks are secure?
If you’re like me, you enjoy using technology. You have a video camera to see who’s at the door; maybe you have more cameras to surveil your entire property. You have a WiFi-connected thermostat; maybe you have a Wi-Fi-connected smoke detector. You have a wireless speaker; maybe you have eight. You have wireless light bulbs and wireless blinds; maybe you have an internet-connected refrigerator and wireless video streaming on all TVs. You have a phone and a tablet, and your kids have more.
All told, I have 51 internet-connected devices in my home. Some people have more, some less. Are you aware of how many connected devices run your life? How about all the devices your kids have? And don’t forget about all of the connected systems where you work.
In the July 13 season two premiere of Mr. Robot on the USA Network, the inherent safety issues around the Internet of Things (IoT) was dramatically presented. In the show, the title character Mr. Robot is a member of fsociety, which is working to expose E Corp (or Evil Corp, as they are referred to by fsociety members) by hacking into their system and employees’ lives. E Corp is a global conglomerate with a treasure trove of valuable information on individuals. In the episode, the sanctity of the E Corp lawyer’s connected home was hacked and turned against her in a marvelously orchestrated display of aggression from fsociety that eventually forced her to move out of her technologically advanced home.
For some, the scene may have seemed a bit over the top. But for those who understand the potential vulnerabilities in such devices, it was probably completely believable. If you pay attention to the security and privacy aspects of the technology you use at home and at work, you understand the risk involved in using all the technology that makes certain aspects of our daily life easier. In August and September 2016, Apple released new versions of the software that runs numerous devices. Why am I specifically calling these updates out? Because according to the United States Computer Emergency Response Team, “Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.”
Apple products are by no means the only devices susceptible to remote access and control. Most other technology platforms have had similar issues (and unfortunately will continue to have them). So what can you do to make sure the technologies that you, your family and your business rely on won’t be used in a way they were not originally designed to be used? You must become aware of the technology, understand where it is used and make sure you are running the latest version of the operating system that makes the devices work. If you come across an IoT device and the manufacturer is not updating its software on a regular basis, it is time to consider replacing those devices. In addition, make sure you, your kids and people in your organization change any default passwords to something difficult to guess. There’s always more you can do to secure the devices in your life, but we each need to start somewhere.
In the United States, we celebrate National Cyber Security Awareness Month every October. The goal is to make ourselves, our families and our organizations more aware of the role each one of us plays in making sure we have safe and secure experiences. Being aware and taking action is not limited to the month of October, but it is a great place to start.