As more and different types of connected devices go mainstream, the number of prospective targets for a hacker increases. However, investigative reports have indicated that some gadgets don’t pose much of a challenge to good hackers.
For the benefit of parents, an online ad for an interactive toy bear points out that gadget with the brains of a computer doesn’t transmit personally identifiable data about children.
The ad also declares that with unlimited Wi-Fi content updates available through a free app, the fun of playing with the toy animal never has to end.
Of course, parents should be careful about sharing information about their children with connected devices. The data could be intercepted and misused. Adults also need to exercise care with their own gadgets.
In addition to toys, people are buying and using an expanding array of connected gadgets – everything from voice-activated information and entertainment systems to appliance controls that can be adjusted remotely with a smartphone.
Ashley Podhradsky is among the technology experts who question whether companies are putting enough thought into security before moving new devices into the market. She’s the Associate Dean of the Beacom College of Computer & Cyber Sciences at Dakota State University in Madison.
She says with some companies, the security of new products probably isn’t a primary concern or even an area of expertise.
“They’re pushing things out that aren’t as properly vetted for security as they should be. That’s my concern,” Podhradsky says.
Hacking into the transmissions of a remotely-controlled appliance, for example, could provide a criminal with access to other stored data in a home or business.
Significant improvements to built-in security are not likely until businesses and consumers demand that product-makers devote more resources and attention to security. In the meantime, individuals and small businesses can take steps to increase the security of computerized devices.
Podhradsky offers three suggestions:
- Be aware of potential vulnerabilities in your devices. Using a smartphone to remotely control appliances is cool but it also might be risky.
- Lock down routers, which are gateways to electronic information. Make sure they’re not broadcasting the availability of your network, and don’t keep the machines in plain sight.
“Don’t buy a router based on price but instead for its capabilities,” Podhradsky says.
- Keep software up to date. When new patches come out, install them.
I’ll add a fourth suggestion with longer-term applicability.
- Tell manufacturers that make smart devices and the stores that sell them that security is a concern that should be addressed from the beginning, not after problems become evident.
Strengthen those passwords
It’s worth mentioning and reminding readers about the importance of strong passwords during any cybersecurity discussion.
SplashData, a California company that makes password-management tools, releases an annual list of weak passwords. The list for 2017 includes a touch of Hollywood.
“Starwars” is ranked as the 15th worst password for 2016. “Solo” is listed as the 60th worst. The rankings are based on leaked passwords.
The usual suspects – “123456” and “password” – top SplashData’s annual list of bad passwords. Two animals, one real and one imagined, also made the list - “dragon” and monkey”.
Experts at SDN Communications, the host of this blog, encourage the use of long, complex passwords. They also advise against using the same password for multiple devices. Don’t use easy to recall numbers such as your birthday or the name of your favorite team, either.
Also, whenever possible, users should take advantage of two-factor authentication options (watch the video below).