Smart TVs, Smart Speakers, Other IoT Devices Remain Vulnerable Post Mirai Botnet

This has truly been a year of ransomware and General Keith Alexander, the former chief of the National Security Agency agrees. In fact, at a TechCrunch Disrupt New York event last week, he warned industries saying: “I think this is just one of many that we’re going to see.”

Cyber attacks have been at its peak this year. The most recent ransomware —WannaCry — being the largest ever, affecting 150 countries and more than 75,000 systems on last count. The need for defense against global cyber threats has never been more.

While cyber attacks have been mostly mounted on desktops and servers, it might not be restricted to them forever. With not just phones, but TVs and even speakers getting smart, these devices can easily be hacked and even maliciously used, as revealed by the WikiLeaks Weeping Angel documents in March. The documents revealed that Central Intelligence Agency had used Samsung’s smart TVs as “covert listening devices.”

Read: What Is Weeping Angel? How To Stop Samsung TVs From Recording You Per WikiLeaks Latest Document Dump

The rapid increase in the number of Internet of Things (IoT) devices such as smart TVs and smart speakers poses a threat to users’ privacy and security. While PCs and desktops can have antivirus protection, built-in security systems, encryption and passwords to protect data, no such system has been devised for smart devices.

The attention to security protocols on such devices was brought on by the Mirai Botnet attack, in which a large number of IoT devices were used. A huge number of smart devices were infected with malicious software and remotely controlled with no knowledge or interference from the owners. IoT-based attacks have currently been DDOS or spam campaigns, but it could very well accelerate into your personal and even financial information being leaked.

Amazon Echo lets users make payments using just voice commands. While it might sound convenient, the security protocols and guidelines followed by such devices is not known. If you have more than one of such devices and if they are interconnected, say in a smart home setup, the large amount of information available to these and even the kind of control available to them could easily be maliciously used.

Devices such as the upcoming Echo Look even have a camera built-in. If such a device could be remotely controlled as seen in previous IoT-based attacks, it would make users highly susceptible in every which way.

Using a malware, hackers could obtain your name, passwords and financial data.

There are certain steps you can take to secure your IoT devices, which include:

• Not using default passwords — if you have a password regulated smart device such as a wireless router, the first and foremost thing you need to do is change the default password. Never use common ones such as ‘admin’ ‘1234’ and ‘password.'.
• Using unique passwords for each connected device.
• Regularly updating your device for security patches from manufacturers.
• Check the security features of an IoT device before investing.
• Disable services which have been enabled by default, but aren’t of use to you.
• Disable or restrict remote access to IoT devices.

Read: IoT Security: Government Accountability Office Highlights Risks Posed By Internet Of Things

According to Gartner, there will be 8.4 billion IoT devices in use globally by the end of 2017, a number, which is expected to go up to 20.4 billion by 2020. With even products such as connected cars becoming a part of IoT, the user is at huge risk. It is advisable to take every precaution, before purchasing and while using an IoT device.