Securing the Internet of Things (IoT) from hackers and cyber crooks needs to be a top concern for manufacturers, consumers and broadband network providers.
More than 26 million U.S. households own at least one smart home device, which represents a 35 percent increase from the beginning of 2016. Half of consumers say privacy is their greatest concern when connecting smart devices to the internet, and 40 percent say they have experienced a privacy or security problem with a connected device in the past year, according to a recent research report from Parks Assocaites.
Because many consumers just want their devices to be “plug and play,” they expect manufacturers to build IoT devices that are secure directly out of the box. Yet, in the rush to cash in on the smart home boom, many IoT devices do not encrypt their communications or use a form of encrypted transport that is vulnerable to attack.
Worse yet, too many manufacturers have short changed security by shipping devices with obvious default protocols such as “admin” and “password.” Consumers don’t realize they need to strengthen weak default passwords and download software updates once their smart garage door opener is online.
The Mirai botnet attack of October 2016, which threw massive amounts of junk traffic at servers that provide DNS services for websites large and small, exploited these weaknesses turning baby monitors and security cams into attack devices.
Government agencies have acknowledged security problems inherent in IoT devices.