Monday, November 10, 2014

Netiquette IQ Blog of The Day - The Internet of Things

More and more it appears that the Internet of Everything will be the next big explosion of activity in our world of cyber technology. The initial estimates of how much this new frontier will effect the movement of information are staggering and will be topics of this blog going forward. For now, let us suffice in what is close at hand and where initial movements will likely occur similar to the following article.
===================================================
                                             

By Fahmida Y Rashid
 PCMag   11/06/2014 7:47 a.m.

How to Secure Your Internet of Things

The phrase "Internet of Things" may be over-hyped, but the connected home is no longer a vague futuristic concept, but a reality. The average home already has multiple connected devices, and it's up to the savvy user to actively secure them by locking down the home network.
The Internet of Things includes pretty much any device capable of connecting to the Internet. The smart refrigerator is a popular example, but the category goes beyond electric appliances to include thermostats, automobiles, and wearables. Even though there is a lot of conversation about ways to bake security into these devices, the bottom line is that they are all vulnerable. Attackers can conceivably use them as backdoors into your network, or figure out a way to hijack the devices to carry out other operations. It's up to the homeowner to protect the Internet of Things in the connected home—and the way to do that is to protect the home network.
That sounds suspiciously mundane, like setting up WPA2 encryption on the house's wireless network, selecting strong passwords, and keeping certain devices separate from each other. The thing is, the way you protect the Internet of Things isn't all that different from how you should already be protecting your computing devices at home.
The most important piece of equipment for the Internet of Things is the router, said John McCormack, CEO of Websense. That is where the bulk of our security efforts should be.
You're More Connected Than You Think
Let's take a step back. Perhaps you are thinking that you don't have a lot of Internet of Things devices to begin with. You would be surprised. It turns out
a typical home has around five potentially dangerous things other than computers, tablets, and cellphones, connected to their home network, said David Jacoby, a security researcher at Kaspersky Lab. They include smart TVs, printers, game consoles, network storage devices, satellite receivers, and media players. You don't need fancy gadgets or high-tech equipment to have a networked home.
Just to put things in perspective, Jacoby uncovered over 14 remotely exploitable vulnerabilities on his network-attached-storage (NAS) device which could potentially give attackers access to all his files.
Michael Price, a counsel in the Liberty and National Security Program at the Brennan Center for Justice at NYU School of Law, wrote late last week about getting a new smart TV and being surprised by the "staggering" amount of data it collects. "It logs where, when, how, and for how long you use the TV. It sets tracking cookies and beacons designed to detect when you have viewed particular content or a particular email message. It records the apps you use, the websites you visit, and how you interact with content," Price wrote.
The camera on the smart TV is equipped with facial recognition. If an attacker can break into the network and get to the TV, they will be able to see what is going on inside the home. The TV also has a microphone, and it can capture and transmit recordings to a third-party. "Don't say personal or sensitive stuff in front of the TV," Price warned.
The Internet of Things expands the amount of information attackers can grab about us. These connected devices also create holes in our network, giving attackers more opportunities to get access to our files and sensitive information. "Protecting the device itself is near impossible," said Christpher Martincavage, a senior sales engineer at SilverSky. Since we can't secure each individual device, let's lock down our home networks and reduce our attack surface to something a little bit more manageable.
What Can I Do?
We frequently set up our home network by just plugging the router in and not bothering to step through the interface to figure out what it is doing. Change your password—the last thing you want is someone to be able to get in to your router and change around the settings. Disable guest network access entirely so that strangers can't hop on willy-nilly.
Most routers have the option to set up multiple network SSIDs. Set up one network for your computers, printers, NAS, and other computing devices. Set up a completely different SSID for the Xbox, smart TV, and other appliances, suggests Trey Ford, global security strategist at Rapid7. Set up another SSID for mobile devices. This way, even if one of your devices get hijacked or injected, the attacker is limited to just that single network. It would be much harder to go from a backdoored TV to the NAS if they are on different networks. Segmenting the network this way also means that if one section is hijacked, all the other devices are not accessible and remain safe.
If you are willing to put in the effort, you can list all the MAC addresses for every single device connecting to your network so that the router assigns IP addresses only to those systems. All unknown devices will be blocked from accessing the network. This would prevent attackers sitting outside your home from connecting to your network and wandering through your digital home.
Encryption, Passwords
When it comes to setting up a secure wireless network, which encryption scheme you select matters. WEP requires you to enter a password, but it is weak and easily compromised, so having it is just a false sense of security. Use WPA2 encryption and a strong, complex password. If you are going to be clever about the name of your wireless network, make sure it's actually clever and not something that gives away something about you or your geographic location, such as "Maureen's LivingRoom." And while you are at it, change the passwords for all your devices, even your TV. Change them to something suitably strong and complex right away, and regularly update these passwords. If you can, change the usernames, too, to make those brute-force attacks even harder to do.
Every network needs a firewall, whether it's a stand-alone device or one turned on inside the router. While it won't prevent all attacks, it will cut down on opportunistic probes and backdoor attempts.
Every Door, Every Window
In the end, the main thing is that we all need to change the way we think about our networks and all the devices on them. "No one is going to keep the door to their house unlocked. You need to think [the same way] about the appliances on your network," said JD Sherry, vice-president of technology solutions at Trend Micro.
The key, however, is that each entry point is potentially another front door, back door, attic window, and so on. You've got to make sure they're all locked tight if you want to be safe in the age of the Internet of Things.
 ===============================
In addition to this blog, I have authored the premiere book on Netiquette, "Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". You can view my profile, reviews of the book and content excerpts at:
 www.amazon.com/author/paulbabicki
 If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio  and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and  Yahoo I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ Rider University and  PSG of Mercer County New Jersey.
========================================== 



No comments:

Post a Comment