There you are, scrolling through Instagram in between other mundane tasks, or checking out the current events on Facebook. You then go to the latest relevant tweets, and wait… is that a virus lurking in the virtual shadows? Nah, it’s just an advertisement asking you to click on an image of a nice sweater. You were just talking about how it gets cold in the office and you need some new appropriate yet stylish professional attire. You click on the link and next thing you know you are in the vortex of so many other online shopping opportunities. Shopping is literally at the tip of our fingertips with a simple mouse click, and has become increasingly popular online on computers, tablets, and other cellular devices. It is possible to order anything online and have it delivered directly to you and with the increase in online purchases, cybercriminals simply must wait in the background to trap consumers rushing to get the best deals.
Living in a digital age has made it far more difficult to protect our homes and families from threats we cannot physically see. Technology is everywhere when our homes becomes smart homes and schools providing online platforms for education at an early age. Although it may seem that malware attacks and cybercrime live in the adult world, cyber thieves regularly target children and teens where they’re most active – chat rooms, social media, video streaming sites and online video games. Children are good targets because they may have high levels of trust in people and low levels of knowledge in cybersecurity. According to the department of Homeland Security, kids between the ages of 8-18 spend an average of 7 hours and 38 minutes per day online. Assuming a child sleeps eight hours a day, this means almost HALF their time awake is spent online! While the benefits are fantastic, there are great possible threats posed to children on the internet.
Did you forget to close your garage door when you left home, but then used your mobile device to close it as you sat worry free in the waiting room at the doctor’s office? Not sure if you armed the alarm system when you left for a weekend trip? No problem, because you’re a smart cookie who has smart devices, which will help you handle all this remotely. Left your lights on downstairs, and too tired to get out of bed? Ask Alexa or your Google home to turn them off. Technology is great, technology has evolved, technology has allowed us to forgive ourselves for human shortcomings. But you know what else technology has done? It has facilitated an invitation to those less innocent individuals with malicious intent, and has increased the opportunities for cybercriminals.
With so many devices being upgraded to “smart” devices as consumers move towards “smart” living, the number of Internet of Things (IoT) devices is increasing at a rapid pace. Cisco estimates this number to grow exponentially over 50 billion by year 2020. What does this mean for the average consumer? It means regular household devices such as refrigerators, washing machines, televisions will all become connected and humans will be communicating remotely via the internet with each of these devices. By 2030, only a decade later, this number is estimated to grow to 500 billion devices!
There are vulnerabilities, which can allow for hackers to be able to gain access to these devices. The more consumers utilize these devices to control their home, the greater access these cyber criminals will gain. It is a scary thought to think you may be susceptible to hackers, and while it seems like it is not a big deal if a hacker can turn off your lights, the security repercussions can be far more dangerous. If your doors are connected via an IoT device, then criminals will be able to access data on when you leave your house, and even be able to control the disarming of your security system to break into your home. Security cameras can be disabled, motion sensors switched off, and the consumer would have no idea until it is possibly too late. 5G enabled devices will increase this risk, as these will connect directly to a network vs a Wi-Fi router, exposing devices to an even greater likelihood of cyberattack.
What is exceptionally dangerous about these attacks, is the victims would in most cases be completely clueless as the devices continue to function as normal. Systems such as Google Assistant and Samsung’s Bixby can inadvertently result in compromised data generated from unprotected devices. This can in turn expose victim’s personal information such as credit card data and confidential passwords.
The important thing is to be a conscientious consumer, don’t be afraid of becoming one of the many who are upgrading theirs to a Smart Home; simply take counter measures to ensure you don’t become victim to cunning cyber criminals.
Let’s start with the simplest of security elements. THE PASSWORD. Phishing is still incredibly popular amongst hackers, and highly successful as well. While technology continues to evolve, human nature remains the same, and it is easiest to appeal to this vulnerability with disguised emails tricking the recipients. A strong defense to this line of attack would be to enable two-factor authentication.
Additionally, a surprising amount of people utilize the same password for all of their devices. Their laptop, home security, cell phones, bank pin codes; the list is endless. Over 83% of people surveyed stated they use the same password for multiple sites. A simple solution to this is to utilize a unique password for each device, so if one is compromised, your other devices will remain safe.
Most smart home devices are controlled remotely via an application installed on a person’s smartphone. If your phone is compromised, then you are inadvertently creating vulnerabilities with all other devices controlled from your phone. If you are using public wi-fi on your phone, you should exercise caution and ensure you always utilize VPN (virtual private network), which has strong security features and maintains an anonymous internet connection.
You should also ensure the software for your smart devices is always up to date in order to protect yourself from any identified security risks. Device makers will do frequent software releases and security patches, and you should never ignore these when they come through. Change the privacy settings the manufacture defaults the devices to, and don’t ever give the same access to guests and acquaintances who may need temporary access to your IoT devices.
Lastly, you can give your router a different name from the one which automatically generates from the manufacturer as well as the default password, so as to hinder hackers’ ability to gain information on the make and model of your device. Any roadblocks you can setup for malicious attacks will create an added layer of security and more barriers between you and cyber criminals wanting to gain access to devices in your home and your day to day lives.
To learn more about the Internet of Things (IoT), you can visit:
https://www.cgcompliance.com/industries/internet-of-things-iot
If you are a service organization and your customers trust you with their data, you may need to pass a SOC 2 audit to sell your products.
Whether your customers demand an audit report from you or industry regulations require one, you may have to provide proof of SOC 2 compliance to demonstrate that the data you’ve been entrusted with is properly secured.
Ransomware is like the flu. Everybody knows about it, nobody wants it, and many try to prevent it, but it spreads anyways.
Complying with the Payment Card Industry Data Security Standard (PCI DSS) ensures that you have taken the necessary safeguard to secure payment card data, and it should be a goal for your organization. However, PCI DSS compliance doesn't ensure that all data is secure—so it isn't a stopping point.
