Is your home at risk for hijacking by cybercriminals?

    Did you forget to close your garage door when you left home, but then used your mobile device to close it as you sat worry free in the waiting room at the doctor’s office? Not sure if you armed the alarm system when you left for a weekend trip? No problem, because you’re a smart cookie who has smart devices, which will help you handle all this remotely. Left your lights on downstairs, and too tired to get out of bed? Ask Alexa or your Google home to turn them off. Technology is great, technology has evolved, technology has allowed us to forgive ourselves for human shortcomings. But you know what else technology has done? It has facilitated an invitation to those less innocent individuals with malicious intent, and has increased the opportunities for cybercriminals.

    With so many devices being upgraded to “smart” devices as consumers move towards “smart” living, the number of Internet of Things (IoT) devices is increasing at a rapid pace. Cisco estimates this number to grow exponentially over 50 billion by year 2020. What does this mean for the average consumer? It means regular household devices such as refrigerators, washing machines, televisions will all become connected and humans will be communicating remotely via the internet with each of these devices. By 2030, only a decade later, this number is estimated to grow to 500 billion devices!

    There are vulnerabilities, which can allow for hackers to be able to gain access to these devices. The more consumers utilize these devices to control their home, the greater access these cyber criminals will gain. It is a scary thought to think you may be susceptible to hackers, and while it seems like it is not a big deal if a hacker can turn off your lights, the security repercussions can be far more dangerous. If your doors are connected via an IoT device, then criminals will be able to access data on when you leave your house, and even be able to control the disarming of your security system to break into your home. Security cameras can be disabled, motion sensors switched off, and the consumer would have no idea until it is possibly too late. 5G enabled devices will increase this risk, as these will connect directly to a network vs a Wi-Fi router, exposing devices to an even greater likelihood of cyberattack.

    What is exceptionally dangerous about these attacks, is the victims would in most cases be completely clueless as the devices continue to function as normal. Systems such as Google Assistant and Samsung’s Bixby can inadvertently result in compromised data generated from unprotected devices. This can in turn expose victim’s personal information such as credit card data and confidential passwords.

    The important thing is to be a conscientious consumer, don’t be afraid of becoming one of the many who are upgrading theirs to a Smart Home; simply take counter measures to ensure you don’t become victim to cunning cyber criminals.

    Let’s start with the simplest of security elements. THE PASSWORD. Phishing is still incredibly popular amongst hackers, and highly successful as well. While technology continues to evolve, human nature remains the same, and it is easiest to appeal to this vulnerability with disguised emails tricking the recipients. A strong defense to this line of attack would be to enable two-factor authentication.

    Additionally, a surprising amount of people utilize the same password for all of their devices. Their laptop, home security, cell phones, bank pin codes; the list is endless. Over 83% of people surveyed stated they use the same password for multiple sites. A simple solution to this is to utilize a unique password for each device, so if one is compromised, your other devices will remain safe.

    Most smart home devices are controlled remotely via an application installed on a person’s smartphone. If your phone is compromised, then you are inadvertently creating vulnerabilities with all other devices controlled from your phone. If you are using public wi-fi on your phone, you should exercise caution and ensure you always utilize VPN (virtual private network), which has strong security features and maintains an anonymous internet connection.

    You should also ensure the software for your smart devices is always up to date in order to protect yourself from any identified security risks. Device makers will do frequent software releases and security patches, and you should never ignore these when they come through. Change the privacy settings the manufacture defaults the devices to, and don’t ever give the same access to guests and acquaintances who may need temporary access to your IoT devices.

    Lastly, you can give your router a different name from the one which automatically generates from the manufacturer as well as the default password, so as to hinder hackers’ ability to gain information on the make and model of your device. Any roadblocks you can setup for malicious attacks will create an added layer of security and more barriers between you and cyber criminals wanting to gain access to devices in your home and your day to day lives.

    To learn more about  the Internet of Things (IoT), you can visit:

    Read More

    A Deeper Look into Data Encryption

    This last November (Nov. 6-9, 2018) Townsend Security had a chance to participate in the 20th annual PASS Summit in Seattle as an exhibitor. While there, they had an opportunity to ask attendees about their company's encryption and key management practices. Our own Tim Roncevich was able to review the results and give his expert opinion on some of the findings. Enjoy!

    Read More

    Ransomware Is Still an Ever-Present Threat: What You Need to Know

    Ransomware is like the flu. Everybody knows about it, nobody wants it, and many try to prevent it, but it spreads anyways.

    Read More

    PCI Compliance and the CIA Triad—Building Great Security

    Complying with the Payment Card Industry Data Security Standard (PCI DSS) ensures that you have taken the necessary safeguard to secure payment card data, and it should be a goal for your organization. However, PCI DSS compliance doesn't ensure that all data is secure—so it isn't a stopping point.

    Read More

    What Do WalMart and Airbus Have in Common? Cybersecurity

    A group of prominent investors aims to improve cybersecurity by building companies around new technologies for protecting data.

    Read More

    When is a PCI Audit Required?

    Unless you’ve been hiding inside a cave or stranded on a remote island somewhere in the middle of the ocean for the past decade, you are likely aware that the prevalence of cybersecurity attacks has increased exponentially.

    Read More

    Vulnerabilities in the AWS IoT Platform You Should Know About

    There is no denying that Amazon Web Services (AWS) is a popular choice among companies these days. Businesses like to store their data and run their operations through AWS because of the convenience and performance that its cloud-based storage and services provide.

    Read More

    Beware a Hacker's Precision Strike in Your Cloud Environment

    So, you think your data is safe because you stored it “in the cloud”? If your company is amongst a majority of businesses who decide to transfer to the cloud, you might be wondering if you should still be concerned about secure cloud computing. On one hand, you would have lower costs, added control, and a higher level of protection against security breaches; on the other hand, you are not impenetrable or immune to cyberattacks. While some things become safer, there is a whole new set of concerns and security challenges presented once you move to the cloud.

    Read More


    What you should know regarding the key changes to SOC 2 reporting (TSP Section 100)


    Read More

    What You Need to Know About PCI Levels and Requirements

    Payment card data must be well-protected as damages from data breaches continue to mount.

    Read More

    Subscribe Here!