Televisions, refrigerators, baby monitors, security cameras; the list of devices we connect to our home networks is growing exponentially. However, most of us rarely think about the security risks they bring to our homes.
The truth is, if a device connects to the internet (or even just to the home network), it is vulnerable to hacking. The degree of threat may vary. For instance you likely consider a
Smart TV recording your conversations is less of a threat than a
home security system failing a hacking test. Internet of Things security is still an evolving technology and is far from perfect. However there are definitely steps we can take to make things more secure.
1. If you don't need to connect it, DON'T. If you bought a smart TV to watch Netflix, it makes sense to want to connect it to the internet. But if you just bought the TV because you like the model and you are not going to be using it with WiFi, do not bother with the WiFi connection. The safest device is still a disconnected device. Better yet, disable WiFi and Bluetooth connections you are not using.
2. Change the password (and check the security settings). Whether it is your firewall, home router or your baby monitor, the default passwords are posted on the internet. The first thing you should always do when setting up a new device is change the password. For a firewall or router, it is a good idea to set a schedule for periodic password changes.
Note: it is helpful to keep a
Password Database
to track your changed passwords.
3. Make sure your WiFi is secure. Review your WiFi to make sure you are using the best security available. Use a different admin and access password. Also use the strongest available security encryption and a password for your guest network.
4. Use a separate network for your Internet of Things devices. Most modern WiFi routers are programmed to allow more than one network. Consider using a dedicated network (or the guest network) for your IoT devices.
5. Update your device firmware periodically. Firmware is the programming that makes your device function. If the manufacturer becomes aware of problems and security holes, they will publish firmware updates to fix it. Set a schedule (such as every quarter) to check for firmware updates for your devices.
6. Choose devices carefully. Read up on your devices before you purchase them and check the manufacturer's security and privacy policies. Favor devices that do not use cloud services. Determine whether or not it will work if you discontinue any subscription.
The Internet of Things brings a new set of security challenges to our homes. Making wise decisions about which devices we connect to the internet and the security measures we keep in place can help mitigate the risks.
Pop-up Alert Virus Scam
by Kara Mueller
IT Support Specialist and
Certified Computer Examiner
In the past few months, there have been a number of clients who have experienced an internet pop-up warning them about a virus. The alert can appear on PCs and Mac computers through normal browsing activity. It manifests just like a pop-up advertisement, but is often disguised to look like part of the Windows or Macintosh operating system. When the pop-up appears, if the sound volume on your computer is on, you may hear an alarm and a voice warning you to call tech support.
There are many different variants of pop-up messages, but most will give you a "tech support" phone number to call. Unfortunately, the person who picks up on the other end is only out to scam you and will ask for money to help clean your fake virus. They may also request entry into your computer to "fix" the problem (and may install malware while logged in).
Nearly all of these alerts are difficult to close and can only be dismissed by force quitting your web browser or restarting your computer.
There is some good news - last month, the FTC filed suit against the owners of four companies accused of creating these fake virus alerts. Unfortunately, more could still be out there. If you see one of these pop-up ads, never call the telephone number and never give a stranger remote access to your computer.
Click
here
for more information on the FTC suit
.