A recent DDoS attack that shook the internet, taking down websites like Twitter, Spotify and Netflix, was reportedly caused by a botnet composed of DVRs and webcams. This is particularly worrisome to the Internet of Things industry because increased security measures are required. Many MCU and MPU suppliers have addressed these issues with added security packaged in the silicon, or with an external security specific component. The article “How to use the Latest Microcontrollers to Simplify Embedded Security” addresses the issues that come with security for the end users of your product.
Another issue with security and the IoT is consumers either ignoring or being ignorant of their side of security. Here are three tips that should be common sense when setting up a new device.
Change factory set passwords/set up a secure network
This should be self-explanatory, but is surprisingly not done as often as you would think. My tip if you want to educate your friends and neighbors: try to hack their router with admin:password or some iteration of that. If you get in, change their password and username and tell them now they have to change it. With IoT devices this is extra important, especially if you have webcams set up.
Update devices to most recent firmware
This one can be frustrating, particularly with smartphones and tablets. With IoT devices, though, manufacturers are frequently pushing out security updates. If you skip these, you’re vulnerable.
Buy from reputable manufacturers (name brand)
We all have our favorite brands. If you find a really good deal on a device with free shipping (from China), but it’s a brand you haven’t heard of – research it! If they are trustworthy, they will have good reviews and a quality website.