We are all going to need IoT security solutions at some point or another, and this goes well beyond smartphones as everything from your Alexa to your smart-fridge is collecting data which can potentially be leaked. This data can include anything from your daily habits, which can be exploited by all manner of criminals, as […]
We are all going to need IoT security solutions at some point or another, and this goes well beyond smartphones as everything from your Alexa to your smart-fridge is collecting data which can potentially be leaked. This data can include anything from your daily habits, which can be exploited by all manner of criminals, as well as passwords and usernames which can be exploited by hackers of any skill level.
IoT security is a real issue. As more and more of the items in your house connect to the Internet, you need to consider whether or not their convenience comes at the cost of privacy, and if you can do anything to get more privacy once you have them. Keep reading to discover the risks, and what you can do to mitigate those same risks.
The International Data Corporation predicts that spending on IoT devices will hit 1 trillion dollars by 2020. This includes smartphones, smart TVs, tablets, Alexa and other personal assistants, smart toys, and even smart fridges.
While we all enjoy the convenience of these devices, we rarely think about how these devices have microphones listening to you all the time. Some even have cameras watching your every move.
IoT devices are like any other piece of equipment with software in that they all they have weaknesses which hackers can exploit. What you need to do is make it difficult for hackers to penetrate your IoT devices so that they move on to an easier target.
Technically, ‘smart’ devices started with your computer, which was once not much more than a smart typewriter. That became the first target for hackers looking to steal digital information which was now available to them, when before what was written was analog and had to be stolen the old fashioned way.
As more and more devices become ‘smart’ with a Wi-Fi connection, hackers are being given access to more and devices with information they can steal and exploit. More access points leads to more chances of having your privacy broken, and secrets stolen (yes, we all have secrets. Bank cards, credit card numbers, usernames and passwords) to be exploited. Scenarios to consider:
Those are some of the most basic hacks, and hackers are certainly coming up with new ideas and exploits right now.
The biggest issue here is that while your computer and smartphone have had years to develop security tech, your other smart devices have not. What’s worse is that people who develop, let’s say, a smart fridge are not as security conscious as those building a smartphone – they just don’t exist in the same worlds.
Many smart home devices have no authentication procedures, and no encryption, built into them. Some manufacturers are cutting corners with their smart tech, adding it as an after-thought, and security is always a cost to cut. It’s nice when things are less expensive, it’s less nice when they’re hacked so that a pervert can move your security camera to watch you breastfeed your child.
IoT toys have such poor security that it’s a joke:
The easiest way to make sure you stay secure is to watch for notifications to update. Yes, they’re annoying. Many of these updates are focused on patching vulnerabilities, so you need to stop seeing them as a hindrance and instead see them as an opportunity to protect yourself.
What else needs to be updated? Your username and password. All too often people keep the factory settings on this, which can be as simple as “admin” for both the username and password, and you don’t even have to be a hacker to get around that.
In fact, this is largely how the Mirai Botnet Attack played out in 2016:
This attack has resulted in next-to-nothing being done. There are still firmware updates being sent out with no encryption, servers are storing plain text, and passwords are stored with no protection and are rarely changed from default. You have to take care of these updates, or you’ll be the victim of a botnet.
At this stage, the only person who is really going to protect your IoT devices beyond basic updates is you. Even the US government’s current best effort for minimal IoT security standards only applies to equipment purchased by the government, it doesn’t actually cover regular commercial goods. Their hope is improved security standards for government IoT devices will lead to better standards for commercial goods, essentially creating trickle-down security standards. We all know how well that works…
What’s even worse is legislators do not understand technology. At all, on any level. Always remember these exchanges:
We. Sell. Ads. It’s encrypted, we can’t read it. The most basic, basic stuff goes over their head.
You need to start encrypting your connection, as a basic, and the way to do that is by getting a VPN and installing it on your router. This will encrypt absolutely everything that connects to it, including your IoT devices.
While this won’t force encryption on the servers where your data is stored, it will put a stop to man-in-the-middle attacks, and other types of snooping, on your devices. Many IoT devices don’t offer this minimal amount of protection, but you can clamp down and secure absolutely everything which connects to your router with the use of a VPN router, or by installing one on your existing router.
Here are two providers we recommend for their VPN router tech:
Positives
Negatives
Conclusion
While the company may not have the broadest and most impressive VPN network in the world, it has over 660 servers in some of the most popular countries in the world. StrongVPN’s software is more or less adequate, but at times, switching between servers can be clunky. The pricing can be considered at the industry average, and you receive a reliable VPN service in return. If you’re searching for a long-term VPN plan, the yearly package is affordable and recommended. StrongVPN’s customer support service is above-average and really impressed us. Its on-page content sections feature a lot of useful information, including guides, FAQs, and how-to articles. The support team can be reached via email, phone, or live chat. Our experience with the support team was surprisingly positive; during our live chat, the agents responded promptly and with a friendly, informative attitude. The company has solid customer protection policies, with its “Zero-Logging” policy particularly standing out. All in all, we recommend StrongVPN for anyone who wants to do browsing, torrenting and P2P, video and music streaming (including Netflix), or geo-unblocking.
I got strongvpn during my first ever trip to Africa where was going to work for an year. I had read about geoblocking in most parts of Africa and couldn't think of missing out on netflix and other stuff... View More
Their 7 day money back guarantee is what caught my attention and from then on i have been their customer for the last 8 months. The speeds are very good and i have had very few instances where i have ... View More
I paid for the service after learning that they offer a 7 day money back guarantee. I didnt want to risk my money in a service that would fail me. Luckily it turned out to be exactly what i had wished... View More
Positives
Negatives
Conclusion
CyberGhost VPN are definitely a top 5 VPN provider. Reading their privacy policy, and the fact that they do allow p2p and torrenting traffic on nearly all servers, you may rank them as your top choice for a VPN if you do a lot of downloading. Their software has features, like their killswitch, that put them on par with the top of the line VPN clients available. For fun, they also have a cute the animation that makes the experience that much more pleasant. They also benefit from being located in Romania as this country is well known for online privacy rights. What’s holding them back from the top spot is their connections do drop slightly more often than we'd like, otherwise they might be #1. Their VPN Kill Switch does save you from being exposed, but no problems would be better than a solution to a problem. For the price you pay for their VPN service, one of the lowest in the industry, and all the features of their software, you can’t go wrong when you choose CyberGhost as your VPN provider.
I have been using it primarily to download stuff online and it works great. It has great speeds and very minimal loss of connection which is usually handled fast enough by their very reliable customer... View More
I love the fact that users data is protected and deleted every 24 hours so my privacy is guaranteed. Their speeds are also remarkably fast and am able to stream my favourite shows without any glitches... View More
I do a lot of P2P downloading and have tried quite a number of different VPN services. So far this ranks as the best if your main interest is p2p and torrenting. You will get great speeds as well.
On the subject of routers, where your IoT devices connect, it’s also important to be sure to purchase a wireless router with a network firewall. They will help block attacks over your router, protecting everything, adding a layer of security.
Don’t feel that you’re invincible with a firewall as it is not an antivirus program. You can still be hacked via a phishing attack through email, or messaging apps on your IoT devices. You still need to take regular precautions in regards to messages, link clicking, and downloads.
We all know that hackers are ‘the bad guys’ who steal your personal information and use it to commit identity theft, and get access to your financial data. They’re ‘the bad guys,’ we can see that.
What you don’t see are the corporations collecting your data and storing it improperly. They’re ‘the bad guys’ here as well, but they’re wealthy and powerful so they get written off as ‘good guys’ who made a ‘mistake.’
What many of these free apps on your IoT devices do is collect your data and store it all in one big, fat, tempting place for hackers. We’ve seen so many security breaches of major corporations over the last few years it has become mundane. It should not be. Here’s how to protect yourself from ‘the good guys’:
We all like apps which make our lives easier or more entertaining, but each app we download is another point of vulnerability. Not only are we more vulnerable with more apps, but third-party apps are usually less secure than native apps which come with the device.
The best VPNs out there currently use AES-256 encryption, and this is true of some of the best companies out there who build IoT devices. It’s only possible to crack this encryption with a NSA-level supercomputer running non-stop for a year or longer. Cybercriminals don’t have the time or resources for that, so they go after a much softer target… you!
Many data breaches happen because of people making the wrong choices. Here are a few important things to look at in regards to buying and keeping new IoT devices:
These are all IoT security solutions which rest on you not making a mistake. They’re basic security measures that you must take with every device and app.
The two biggest security concerns when it comes to IoT security are the two most popular devices: Alexa and Google Assistant. They are a victim of their own popularity because hackers love to target popular devices, and will stay up to date on their vulnerabilities so that they can exploit as many people as possible with the least effort.
Not only are they tempting targets due to how many people use them, but they’re even more tempting because of how much data is stored on them. Both of these companies are driven by data, so you can be sure that they are recording every datapoint possible. These devices do have decent security measures, but one little fault can lead to a cascade of data theft.
The Amazon Echo, known by the device’s activation word Alexa, is an ‘always on’ device. It constantly monitors your conversation while waiting for the activation word, and deletes all recordings of you second by second until the activation word is spoken.
The problem is that it can hear the activation word by mistake and start recording. This is more common than you think as a writer for The Washington Post reported that his always-on devices record him without the proper activation word being spoken at least once per week. You’ll never know if Alexa hears the word, starts recording, and then, let’s say, sends the recording to someone random on your contact list. Yes, this has happened. The random laughs are, well, unsettling.
Here are ways to better secure Alexa:
These are steps you can take to better secure Alexa, who records a tremendous amount of data about you both on purpose and by accident.
Google Assistants are much like Alexa in that they’re always listening, so much of what was covered above applies here. There are a few unique features that can help you stay more secure though:
As was said above, in a rather colorful manner, turn off the microphone or go to another room for sensitive conversations. Sometimes, the simplest security is the best security.
© 2021 Best VPN Provider - All Rights Reserved.