FBI tips for IoT safety: National Cyber Security Awareness Month


There are more than three billion Internet users across the globe, and in the United States alone, there are over 200 million users who are connected. These staggering stats on connectivity are on the rise, thanks to the Internet of Things (IoT) movement, making more and more everyday objects capable of communicating data to other machines, apps and services. 

But there are also downsides to connectivity, especially as things like light bulbs, doorknobs and security systems are controllable via mobile apps and tap into home networks. The increase in internet-connected devices grants more access to personal data and home networks, where hackers can spread malware, steal credit card information and remotely control the devices upon which we rely. As October is National Cyber Security Awareness Month, the FBI is sharing some safety tips to consumers, and highlighting security issues we should all keep in mind.

Protecting yourself in a connected world

According to the Federal Bureau of Investigation (FBI), hackers can use IoT devices, such as connected thermostats, lights, plugs and switches, and move laterally to access or compromise “network devices, including routers, laptops, phones, tablets and hard drives, to steal personally identifiable information, identify bank account logins and credit card numbers, send malicious and spam e-mails, abscond with proprietary business information, interfere with business transactions and engage in digital eavesdropping,” to name a few potential issues.

The FBI also noted that compromised IoT devices can also result in physical harm, such as when a connected door lock is hacked to allow intruders into homes.

Safety Tips

To prevent IoT devices from being liabilities, the FBI offers some tips on how you can protect your IoT devices:

  • Understand your IoT devices. Many come with default passwords or open Wi-Fi connections, so change to a strong password and only allow the device to operate on a network with a secured Wi-Fi router.
  • Protect your Wi-Fi networks — set up firewalls and use strong, complex passwords, and consider using media access control address filtering to limit the devices able to access your network.
  • Many routers give you the option to set up more than one network — if yours does, separate your computing devices from your IoT devices and spread them throughout several different networks. That way, if cyber criminals break into one network, the damage they do will only be limited to the devices on that one network.
  • Disable the Universal Plug and Play protocol (UPnP) on your router — UPnP can be exploited to access many IoT devices.
  • Purchase IoT devices from manufacturers with a track record of providing secure devices, and set your devices for automatic updates when available.
Photo by Skley