top of page
Writer's pictureLewis Desmond

Are you protecting your smart devices from cyber hackers?





Smart devices are increasingly prevalent in our daily lives, so we must do our best to safeguard them and prevent malicious actors from succeeding in their attacks. These devices come under an umbrella term known as IoT (internet of things), which also means any device with the ability to communicate over the internet.


These include: 

  • Speakers – Amazon Echo, Google Nest, Apple HomePod

  • Smart thermostat systems 

  • Smart lighting 

  • Home appliances, such as fridges 

  • Security cameras 

  • Smart TVs


However, these devices can often be overlooked when it comes to cyber security. This is why it's very important to make sure that we are thinking about the connections being made to them from outside your network. 


Many businesses use smart devices either in their offices, from using smart speakers to play music, smart lighting within the workplace and having smart security camera systems across the workplace. 


How can a smart device be affected?

Cyber hackers can try to remotely access a smart device, using security vulnerabilities, such as stolen passwords, the owner using default passwords and also through not using multi factor authentication. 

Once they have access to one smart device, they can potentially access a whole network of devices, and even launch large-scale DDoS (distributed denial of service) attacks. 


Recently over the years, there has been an increase in malicious actors targeting smart devices with weak passwords in their control systems and vulnerabilities from outdated software. 


The results of this for a business could be losing access to their device and the network. For instance, security cameras are deployed extensively, so it's essential to ensure their integrity. This is because you wouldn't want unauthorised individuals to surveil your premises or identify other devices and vulnerable areas.


How can a business protect their smart devices? 


Buy from reputable makers and sources

Many cheap smart devices are available online, however they can have varying levels of security features which may make them easier to compromise or expose your organisation to risk. We would recommend always buying smart devices from a reputable brand and trustworthy store. 


Strong passwords

Always use strong passwords to protect your accounts for each smart device and always change or update a password whenever prompted. The NCSC recommends using three random words for passwords because they are easy to remember and strong enough to keep attackers out.


Multi-factor authentication

Make sure you enable multi factor authentication wherever possible for that extra step of security. 


Software updates

Ensure that you use the latest software versions to remain updated with current security fixes for vulnerabilities in the devices and for better overall performance. Always update the software whenever prompted. 


Disable unnecessary features and services

Many IoT devices come with features or services enabled by default that may not be needed for the business. Disable any unnecessary services to reduce potential attack surfaces. 


Control access levels

As an employer, make sure you keep a log of what email accounts the smart devices are linked to, to ensure you always have access to it. Make sure they are work accounts and not your employees’ personal email accounts. And always make sure you remove access if someone leaves the business. 


Port filtering

Ports are doorways into the network that allow certain information to enter and exit. By controlling which ports are open or closed you can manage the data to keep it secure. Controlling which ports remain open or closed enables us to manage and secure data effectively.


Imagine your network as a house, and the ports are like doors and windows. These "doors" allow certain types of information to come in and go out. By controlling which ports are open (unlocked) or closed (locked), you can manage the data that flows through your network and keep it secure. 


Virtual Private Network (VPN)

Consider adding your devices to a Virtual Private Network (VPN) to enhance the security of your communications and protect your privacy. A VPN creates a secure, encrypted tunnel between your device and the internet, ensuring that all data transmitted and received remains confidential.


Consider using a reputable VPN provider with a strong track record of security and privacy protection to enjoy these benefits. It is important to choose a VPN provider that offers a variety of server locations, strong encryption protocols, and a no-logs policy (meaning that the provider does not keep records of your online activities).


If you’re not sure how to do any of the above, we recommend that you work with an IT expert to ensure you have the optimum security levels to protect your business from cyber hackers. 


At the North West Cyber Resilience Center (NWCRC), we offer very low cost cyber security assessments and training sessions to help protect SMEs across the region. 

Book in now for a Network Vulnerability Assessments to identify and rectify weaknesses within internal systems and connections.

Comments


How can we support your business?

Phishing 292 x 219px.png

Raise your staff's awareness of phishing emails and guard your business against the growing trend of social-engineering threats.

 

Training your employees on what a phishing attack looks like makes them more likely to identify and report scams.

security awareness training.png

Our training package is designed and delivered by cyber experts giving you access to the most up-to-date information in an ever-changing cyber landscape.

You can purchase single-place training spots or a cyber security workshop.

Community Members

Our premium membership package is aimed at medium-sized businesses and includes bespoke security awareness training sessions.

 

This allows your business to train several cyber security champions and an assessment of your cyber risk. 

bottom of page