Smart homes might be right around the corner, but are you and your neighbors really ready for them? While research from firms like Gartner project demand for IoT devices to skyrocket over the next …
Sourced through Scoop.it from: iot.f-secure.com
Routers are the digital door to your home. IoT devices are designed to communicate directly with one another using communication protocols like Zigbee, so smart homes that have numerous devices networked together are essentially blanketed by these signals. And yes, hackers can use these signals to do all kinds of nasty things. However, the range of these signals is quite limited, so anybody attempting to use them to invade your home will need to be really close – basically lurking outside your window.
Routers, on the other hand, are the gateways that connect IoT devices to the Internet. Any IoT device that has an online component, such as cloud computing, will be using data that passes through the router. Routers can be used to launch a number of attacks on unsuspecting people, and they make tempting targets because they give hackers access to all of the devices that connect to them. And while many people recognize that their phones, tablets, laptops, and desktops have security needs, fewer people are aware that routers and other devices also need to be protected. As IoT devices integrate people’s homes into online services, the potential for having a man-in-the-middle in your living room increases. 3 Tips to Lockdown your Router – (1) Don’t Use Default Passwords: Routers, and many IoT devices, rely on passwords as a security measure. Passwords prevent people from wantonly accessing whatever device they come across, and are a staple of account security. Many routers come configured with a factory default password, so people can plug the device in, power it up, and then start surfing right away. Unfortunately, many people don’t give their router, or its password, a second thought once it’s working. While many of these default passwords are strong and therefore more crack-resistant than something like “password” or “1234”, they’re not always unique, which means the same password can be used for an entire model or type of router. Many hackers know this, and default passwords are often published online. (2) Update your Router’s Firmware: Updating software is vital to keeping devices protected, and this includes devices like routers. But updating routers isn’t always easy because they require “firmware” updates. Firmware is software that is so deeply embedded in computers and other types of technology that they tend to be inaccessible to end users. Outdated firmware can contain exploitable vulnerabilities, which is something that attackers can use to hack into routers. Updating firmware isn’t as easy as updating apps on your PC or phone. It’s something many people either don’t know how to do, or they simply aren’t aware when it’s required. Most routers can’t be updated automatically, or even directly online. People typically have to download the update to their PC first and then use that to install it on the router. There are some generic guides online that can give you an overview on how it works, but how to update and when depends on the manufacturer, so you should consult their website for specific instructions. (3)
Check your Internet Configuration: Another security issue with routers has to do with the way they’re configured to work with your computers and other devices. Attacks that change people’s Internet setting are generally referred to as DNS Hijacks, and typically work by changing your Internet configuration to point your traffic to rogue DNS servers. Doing this lets attackers manipulate Internet traffic in a variety of ways, and this can include things like tricking you into visiting malicious websites that steal personal data (such as account passwords). Fortunately, you can take measures to protect yourselves from these attacks. There are online protection packages that allow you to check your network to make sure your Internet configuration is safe, and F-Secure has an on-demand tool called Router Checker that lets you check your router to make sure its handling your Internet traffic safely. You should also disable the remote access privileges on your router, or at least the Universal Plug and Play (UPnP) and web management options.