What are the Best Ways to Protect IoT Devices from Attack?
September 9, 2022 - Emily Newton
Revolutionized is reader-supported. When you buy through links on our site, we may earn an affiliate commision. Learn more here.
Internet of Things devices are some of the most interesting and useful consumer technologies today. There are an incredible variety of smart devices today, but it is crucial to protect IoT devices from security threats.
For example, you could get a washing machines that sends your phone a notification when your laundry is finished. You could install a smart thermostat that automatically adjusts your home’s temperature to keep it just right. You could hook up your front door with a smart IoT security system that will notify you of unusual activity.
IoT devices can do all kinds of convenient and helpful things. Unfortunately, they can also create a range of new problems for homeowners and businesses. Hackers can exploit all kinds of connected technology.. To make matters worse, IoT devices can also be notoriously difficult to secure compared to devices like smartphones and laptops.
How can any IoT owner defend their data? Learn how to secure IoT devices from potential cyberattacks.
The Basics: How to Protect IoT Devices
Cyberattacks often take advantage of the weakest link in a network’s security. Employees who don’t know how to spot a phishing attack are common causes for cybersecurity breaches. Poorly secured devices can pose a serious risk, as well, such as those left on the manufacturer’s default password.
Luckily, you don’t need extensive security knowledge to protect your IoT devices. A few simple best practices can go a long way.
1. Change Default Passwords and Settings
When setting up a new IoT device, it’s a good idea to disable access and connectivity features you don’t need. There are a variety of connectivity features that can be helpful in some circumstances but may be a risk in others. Plus, devices will usually ship with minimal security features and weak default passwords. You need to address these risks in order to secure IoT devices you own.
For example, many IoT devices will try to automatically connect to other devices and networks in the area by default. While this can help simplify the process of creating a smart office or home network, it can also create a serious security gap. Hackers and unauthorized users could easily connect the network through the unsecured IoT device. This goes both ways, too. If you have a poorly secured network, it opens the door for anyone to access your data and devices.
Default Remote Access
Some devices also come with features like remote access, which you may not necessarily need. This feature make devices easier to compromise, so you may want to disable it if you don’t plan to use it yourself. For example, you may want to configure your smart coffee maker so they can activate it from bed. Alternatively, you could just set it to give you notifications instead and disable remote access features.
Many IoT devices also come with password protection options that will prevent network users from changing security settings or using the device without the right password. These features are great to have. Just make sure you change the default password. Many devices ship with simple manufacturer’s default passwords. Hackers can often guess these default passwords or use manufacturer resources to look them up.
So, change all of your devices’ passwords right away when you’re setting them up. Make sure to choose something long and hard to guess. Passwords with no actual words in them can be particularly secure. Lastly, never reuse any login credentials between devices, sites, or apps, especially with your IoT devices.
In 2020, Amazon’s Ring smart doorbells and security cameras came under fire when hackers used stolen reused passwords to hijack user’s smart cameras. The attacks ranged from FBI swatting pranks to harassment involving everyone from children to elderly people. This is a clear warning for IoT device users. Never reuse passwords or usernames on your devices and always use a complex, unique password.
2. Use Multi-Factor Authentication
Multi-factor authentication (MFA) is the number on login technology available today. It is easy to use but extremely secure, making it both convenient and safe.
MFA works by verifying login attempts with an identity confirmation. For instance, an MFA login might ask you to confirm your identity using a secure one-time code sent to your verified phone number or email address. These codes are random, virtually impossible to guess, and expire after a certain amount of time.
MFA is highly secure because a hacker would need to go to great lengths to get into your account, even if they stole your password. They would need to steal your physical phone or email password as well as the password for the account, site, or app you’re trying to login to. Most hackers will not bother with this level of difficulty. It is also quite hard to hack most large email providers, let alone gain access to someone’s text messages.
MFA may not be available on all devices, IoT hubs, or IoT apps. If it is available, though, definitely opt to use it. MFA only adds a minute onto your login time and it significantly strengthens your IoT security.
3. Keep Software Updated
Most cybersecurity apps use databases of virus and malware signatures — files that enable the software to detect specific viruses. Security threats are constantly evolving and changing today, though. You need to keep security software up to date to make sure you’re not vulnerable to new threats. Security apps offer frequent updates to add patches for new threats, so make sure to check for updates often.
This same rule applies to your devices’ operating software. Operating systems may not get updates as frequently as security software, but it is still important to keep an eye out for them. Hackers can exploit outdated operating systems, which usually have weak or outdated security features.
4. Use Strong Wi-Fi Encryption
The home or office router is the gateway between IoT devices and the internet. If it’s not secure, it could open up both your IoT devices and your network to attack. Routers typically come with a manufacturer’s default password. Change this password right away and make it something long and unique with a mix of letters, numbers, and symbols. Never use birthdays, names, pets, or other common password phrases for your router.
If you don’t already use encryption, it’s good practice to set your router to the strongest encryption type you have available. On most routers, this will be WPA2. If your router doesn’t support this level of encryption, consider upgrading. Routers can get outdated just like any other technology and a newer one will usually have the most up-to-date security software.
Protect IoT Device With Network Segmentation
The basic defense strategies above can go a long way toward protecting your devices, network, and home. Network segmentation can help secure things even further. This tactic works by separating your network into multiple isolated chunks, each with separate devices on it. Devices can’t access devices or data outside their own segment of the network.
Managing the network access your IoT devices have can help you minimize the risk of unauthorized network access, even if a smart device is compromised.
Protecting Your Home
For a smart home, network segmentation can be accomplished using a guest network. Some routers even come with an IoT network for easy network segmentation. Most consumer routers allow you to quickly set up a guest network that IoT devices can connect to.
This alternative network functionality is intended to keep guest connections separate from your main home network — allowing guests and people with your Wi-Fi password to connect their devices to your router, without giving them the same access that devices on the main network have.
Protecting Your Business
Businesses usually need more advanced protection. Cyberattacks against businesses are on the rise. It is increasingly likely that smart devices may make business networks less secure unless the proper precautions are taken.
Businesses can design a segmented network that separates devices into different network sections based on the information and other devices they need consistent access to. For example, industrial IoT users may create a network that segments machine control systems from the larger network.
User access management offers similar benefits to businesses. With access management, network administrators can ensure that even if a particular device or user account is compromised, it can only be used to do so much. This limits the overall network access a hacker will have if they compromise one account or smart device. Access management is particularly important for defending against phishing attacks, which are notorious for exploiting employees who unknowingly give up their login details.
Access management is more complex than just using a guest network. It typically requires a documented segmentation strategy along with technology like firewalls and specially configured VLANs (virtual local area network). However, this strategy can provide better protection in the event a device is compromised, so the extra effort and investment will be well worth it.
Monitoring Network Activity
You can also continuously monitor activity on your network. Network traffic analysis tools and cybersecurity platforms allow you to identify unusual network events that could indicate a possible attack or network breach.
A growing number of consumer-oriented network traffic monitoring tools are available today, making network traffic tracking possible for smart homes. These programs keep track of network activity for you and notify you of both unusual traffic and non-malicious network issues.
These tools also allow you to track network performance. If your internet connection is slower than you expect, you may be able to find out why using one of these tools. Background downloads and forgotten streaming services, for example, can eat up bandwidth, slowing your internet connection. These services will appear in the network traffic analysis.
Protect IoT Devices Against Potential Cyberattacks
Cyberattacks targeting home and business networks are more common than you might think, and they are likely to remain a problem for IoT device owners well into the future.
A combination of simple and advanced cybersecurity tactics can help you keep your network safe. Even the most basic practices — like deactivating unwanted networking features and changing default passwords — can go a long way in defending a device against potential attacks.
Editor’s Note: This article was originally published on July 9, 2021, and was updated on September 9, 2022, to provide additional information about IoT security.
Revolutionized is reader-supported. When you buy through links on our site, we may earn an affiliate commision. Learn more here.
Author
Emily Newton
Emily Newton is a technology and industrial journalist and the Editor in Chief of Revolutionized. She manages the sites publishing schedule, SEO optimization and content strategy. Emily enjoys writing and researching articles about how technology is changing every industry. When she isn't working, Emily enjoys playing video games or curling up with a good book.