What is the level of security of connected smart devices that you keep at home and at work? What protection did you put in place and did you take a minute to change the password of your default router?
The computer said no
In fact, many smart home users (and those who use connected devices in smart offices, businesses, manufacturers, and beyond) may not have considered their security.
This is a particular problem when it comes to older smart devices, many of which are still in use, even though a lot of them come with code numbers. ### # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # 39, weak or non-replaceable default authentication.
The proliferation of poorly protected smart devices, coupled with weak router security, is a potential goldmine for hackers, who are eagerly trying to penetrate IoT networks to create zombie networks for future use.
This adds to the inevitable threat that criminals use poorly protected IoT devices like access points to penetrate networks, collect personal and payment data, and more.
How HomeKit approved routers work
The routers promised by Apple with HomeKit could improve the protection.
One of many Improvements to iCloud Apple is trying to market its products in 2019: routers are designed to protect your accessories with a firewall at the router. You can see some screenshots of how it works right here, while this report explains a little more about how this protection works.
In use, you can assign security permissions for each of your HomeKit devices as follows:
- Restrict at home: HomeKit compatible devices can only talk to each other, which means you will not be able to access them at all outside of your network.
- Automatic: Accessories can be connected to the home router / hub, home accessories and approved web services.
- No restrictions.
You set this preference individually for each HomeKit device. Apple is also introducing a HomeKit Secure Video service, which adds layers of protection around CCTV video.
Why is it important?
To help you understand the magnitude of the threat - and why the Apple solution is important - think about the new Kaspersky study that indicates that attacks on smart home devices have increased by 20 percent. about 700% in the last 12 months.
Kaspersky found that by using 12 million attacks on 69,000 IP addresses in the first half of 2018, 105 million attacks on 276,000 IP addresses were perpetrated during the first half of 2019.
The attacks are not particularly sophisticated, say the researchers. In fact, hackers are trying not to be noticed, which suggests that they are building botnets - presumably for future DDoS attacks.
"As people are increasingly surrounded by smart devices, we are seeing the intensification of IoT attacks.
Judging by the increasing number of attacks and the persistence of criminals, it can be said that IoT is a fertile area for attackers who even use the most primitive methods, such as guessing combinations of passwords and identifiers, "said Dan Demeter, security researcher at Kaspersky Lab.
How to protect yourself
Until Apple and the router companies introduce these better protected routers, how can we protect ourselves? Kaspersky recommends that users take the time to review existing security configurations and warns that the most common security combinations on the ground are frighteningly easy to guess and decipher.
"The most common combinations by far are usually" support / support ", followed by" admin / admin "and" default / default, "they said.
Both consumer and business users of connected devices should take some time to change the default password settings to mitigate this risk.
There are other things to do:
- Install the latest firmware / security updates for all connected devices.
- Use alphanumeric codes whenever you can.
- Restart the devices that seem to be acting strangely.
- Deploy firewalls and use a reputable VPN whenever possible.
- Consider creating second non-public networks for your old, connected systems. So even though these older systems may be at risk, your other devices will be less exposed.
The problem with many of these protections is that they are not necessarily trivial or accessible to all users. This is how Apple's HomeKit approved router system should help users protect themselves more effectively.
When will the material arrive?
The only problem at the moment: we do not know when these systems will be delivered. I suspect that unexpected challenges have emerged.
Recently announced delays in the delivery of some previously announced features of Catalina and iOS iCloud (such as iCloud Drive folder sharing) suggest that the latest pieces of Apple's nascent HomeKit security model may have hit turbulence, unless the blockage presents another product designed to work in such an ecosystem.
Regardless of the computing platforms you use, you should definitely take control of your existing intelligent home security configuration. Change passwords, update the firmware, and make sure your routers are secure.
Follow me on Twitteror join me in the groups AppleHolic's Bar & Grill and Apple Discussions on MeWe.