5. More hacking through IoT devices
Why? More IoT devices are being manufactured and used every day, and they are overwhelmingly unsecured. Very few IoT devices are “smart” when it comes to having security controls built in. Numerous research reports show that most don’t have data security controls, and the rest don’t have enough. It is rare to find a device that doesn’t fail at protecting privacy. These all create substantially more pathways for hacking on an ongoing basis.
In the U.S. there are currently no IoT security laws in effect, and only one law, California TITLE 1.81.26. Security of Connected Devices which goes into effect on January 1, 2020, that specifically governs IoT security. I’m not aware of any specific IoT laws in other countries. There are generally no legal requirements established to ensure that IoT device vendors and creators engineer secure architectures for the growing numbers of IoT devices being placed into people’s homes and other personal spaces. I see Facebook’s Portal and I just shake my head … what a fun way to let the spies see all your in-home activities, possessions, etc. by using Shodan, and similar IoT discovery tools, to find all those unsecured IoT devices.
Two actions (of many necessary) to help prevent IoT privacy and security breaches:
- Check device settings often and set auto updates. Ensure security and privacy controls are still appropriately set on all the IOT devices and associated apps you use. It is common for the systems and applications updates to change such settings, so don’t assume that the settings you established when you first started using a device or app are still the same. Compared to most folks, I don’t use that many devices (less than 10), and very few apps (less than 15). I set a quarterly reminder to check my security and privacy settings on them.
Have you considered these topics in your 2019 planning? Let us know! We welcome your constructive comments below.
Yes, I realize that each of these topics have much more involved than what I covered here. Of course, much, much more needs to be considered beyond the points made. But, the purpose of this post is not to provide a class discussion, but to get readers thinking critically and seriously about these topics.
I’m planning more episodes of my Data Security & Privacy with the Privacy Professor podcast covering these topics throughout this year. Here are a few of my episodes to date that covered one or more of these five topics:
- 2019 Information Security Forecast: Worldwide and In Colombia
- IOT Security, Privacy and Safety
- Government Hacking and Surveillance: Activities, Tools and Laws
- Who’s Eavesdropping on You? Government Surveillance and Laws
- Uberveillance: Would You Embed Constant Surveillance In Your Body?
- Why Nation States and Cybercrooks Love Wi-Fi
- The Ghosts of Government in Our Machines: The CIA and Surveillance
- Computer Hacking Crimes and Prosecutions
Please get in touch!
I look forward to covering the wide range of privacy issues that must be addressed by every business, and every individual, in the coming months within this blog feature! If you have a topic to suggest, just let me know. I always appreciate knowing the topics that are at top of mind for our readers.
#IOT #InternetOfThings #Surveillance #Ransomware #Hacking #Education #Laws #Privacy #NationStateHacking #CyberSecurity