Are you ready to play Offensive?
PLAYING DEFENSE: Internet of Things or IoT is already the new upcoming method of hackers. Not so much as to Steal identity, but maybe access and control devices that can access other servers. In large numbers IoT devices can pose a real threat by simultaneously attacking / or accessing a target server or business. The amount of traffic generated can easily overwhelm even large corporate servers, during such an event. This type of DOS or Denial of Service attack can cause mail servers, web servers, and other accessible resources to fail, from not being able to handle the immense traffic. If your not already super paranoid, you might be after realizing some simple facts about the devices that surround you. For instance, you may change your email password periodically, or maybe even your ATM pin number routinely, but have you changed your password on your router? how about that new thermostat? or maybe even that new video security system you use with your iPhone or Android. Typically hackers tend not to spend too much time causing user problems, but instead, use IoT to perform “Bot Net” style attacks, that can cripple servers, if performed in large numbers (example: 25,000 thermostats). With smart washers and dryers, video surveillance, Bluetooth, WiFi, and other accessible ways to your device, its no wonder they make good targets.
PLAYING OFFENSE: Here are a few things to consider during an IoT attack.
- Be suspicious, if you can monitor your internet speeds by monitoring your router, or network connection (unfortunately this may be a challenge to some, especially in residential scenarios).
- Adopt an Offensive posture, and know how to “Unplug” which cables, and where.. to Isolate network traffic in case things are acting strange.
- Familiarize yourself with immediately killing, and asking questions later for devices that are non essential ex:unplug your smart washer, smart refridgerator, or internet connected water heater.
- A great place to start is knowing where your internet connection/modem is located for easy “Emergency” turn-off.
- Train yourself and crew, to quickly perform tasks that will limit or severe connections, in the event a rapid spread of malice is underway
- Publish your process, and perform routine “refresher training” days for all your security, “Just in case of Fire” scenarios
Although this method is somewhat crude, it may allow you to isolate, then figure out “one at a time” which device maybe compromised, for further troubleshooting. Change your passwords often, and don’t forget “Sometimes the best Defense, is a good Offense” https://en.wikipedia.org/wiki/The_best_defense_is_a_good_offense
In a nutshell, IoT awareness, is having good cyber security practice, that includes using the right equipment, and not necessarily buying the “Cheapest” router, or even toy devices. Anything that connects to the internet (In today’s upcoming devices, it is very common) IoT and common security practices will be the best Offense as well as Defense.
Absolute Care can minimize your exposure to IoT attacks, as well as, other Cyber Security threats. Check out our website at: https://www.absolutecentral.com , or feel free to contact us, for free advice and information.