Trend Micro Shares Best Practices to Prevent Attacks on IoT Devices
The continuous development of Internet of Things (IoT) devices will reportedly push the global IoT market to grow from US$157 billion in 2016 to $457 billion by 2020. According to HIS Markit, more than 5 billion consumer devices supporting digital assistants will be used in 2018, with almost 3 billion more added by 2021.
IoT devices are just some of the many that are designed to improve users' lives. Some of these devices can also become invaluable for users such as students and the elderly. As these devices continue to innovate, the need for stronger security to protect users and the devices against threats should remain a top priority. It is projected that $6 trillion will be spent on IoT solutions by 2020.
There are some flaws in the way the Internet of Things is being secured, but users can mitigate the risks involved with owning smart devices. Steps such as securing home routers and changing passwords on regular basis go a long way towards ensuring that smart ecosystems are better protected from attacks.
Manufacturers, who are key in providing security to their products, can follow these best practices from Trend Micro to prevent attacks on IoT devices:
- Manufacturers need to have the mindset that any device, once connected to the internet, can become open to abuse. In the early stages of product development, testing and implementing appropriate security measures should have the same weight as enhancing device features.
- Vulnerability testing—where developers can simulate or perform attacks—is a practice that can help assess whether the device’s security can be circumvented.
- Manufacturers can avoid design inconsistencies and flaws by collaborating with security specialists to review the system security of a device. Third-party researchers who share device vulnerabilities can also be accommodated by providing an incentive through bug bounty programs.
Also, IoT devices are connected using a router. Think of your routers as a doorway to your home. The information from all the connected devices pass through your routers and then to the internet. Similarly, inbound data also go through the router and then back to your device again. There are also some router models that have various features such as telephony services, media server, wireless access points etc. They are comprised of an operating system (OS), hardware, and web applications.
Here are some best practices for making routers and networks more resistant to attacks:
- Update and/or strengthen their credentials to deter hackers from hijacking them
- Keep the router or IoT device’s firmware and software updated to prevent attackers from exploiting security gaps
- Use encryption to thwart attackers from snooping in on their network traffic, especially if the device is used in the workplace
- Enable the built-in firewall
- Disable unnecessary or outdated components that can be abused by attackers and used as doorways into the device or systems that may be connected to it
- Deploy additional layers of security such as intrusion detection and prevention systems