Are smart devices ‘smart’ enough to thwart the bad boys?

Spending on the Internet of Things security is predicted to reach almost $3.1bn globally by 2021

The new Amazon.com Inc. Echo, left, and Echo Plus sit on display during the company's product reveal launch event in downtown Seattle, Washington, U.S., on Wednesday, Sept. 27, 2017. Amazon unveiled a smaller, cheaper version of its popular Alexa-powered Echo speaker that the e-commerce giant said has better sound. Photographer: Daniel Berman/Bloomberg
Powered by automated translation
Four tips to secure IoT networks

Mohammed Abukhater, vice president at FireEye in the Middle East, said:

- Keep device software up-to-date. Most come with basic operating system, so users should ensure that they always have the latest version

- Besides a strong password, use two-step authentication. There should be a second log-in step like adding a code sent to your mobile number

- Usually smart devices come with many unnecessary features. Users should lock those features that are not required or used frequently

- Always create a different guest network for visitors

Asking Google Assistant to book an Uber ride, directing Amazon’s Alexa to get weather reports and controlling your home’s entire electronics set-up while exercising in your building’s gym — the Internet of Things (IoTs) has made it all possible.

However, besides adding more comfort to our lives, are IoT devices also inviting cyber criminals to barge into our personal territories?

“A simple DDoS (distributed denial-of-service) attack can convert smart devices into botnets that can be used to steal data, send spam and also let the attacker remotely control your smart devices,” said Mathivanan Venkatachalam, vice president at ManageEngine, a Dubai-based IT management firm.

DDoS attacks make a smart device or network unresponsive to its users. Hackers do this by flooding the target with an enormous amount of traffic.

“Users need to understand how to establish a secure framework for their smart devices … otherwise it will completely nullify their privacy and data protection,” said Mr Venkatachalam.

US researcher Gartner expects IoT security-related spending to reach almost $3.1 billion (Dh11.38bn) globally by 2021. Hewlett-Packard, meanwhile, said that 70 per cent of IoT devices are vulnerable to hacking.

"We are becoming more vulnerable to hacks by embracing more IoT devices in our routines," said Mohammed Abukhater, vice president at California-based cyber security firm FireEye for the Middle East and Africa market.

Most of the vendors that are manufacturing and selling IoT devices will not make much investment towards security because that is not their core job, said Mr Abukhater, adding, “The very structure of these (IoT) devices makes them more exposed to hackers and the induction of 5G will open even bigger doors for bad boys.”

Technology  company Cisco estimates that the number of IoT devices — the core to smart living — will be three times as high as the UN's predicted 8 billion global population, by 2021.

The consumer segment has the largest number of connected devices with 5.2 billion units in 2017, representing 63 per cent of the overall number of applications in use, according to Gartner.

Practically everything has an option to upgrade to be 'smarter' — from refrigerators to kettles, doorbells to light bulbs, speakers to televisions and even kids' teddies

“We have seen the consumer market flooding with connected devices and now practically everything has an option to upgrade to be ‘smarter’ — from refrigerators to kettles, doorbells to light bulbs, speakers to televisions and even kids’ teddies,” said Maher Jadallah, regional director for Middle East at Tenable, which is helping global organisations to understand and reduce cyber-security risks.

“It [IoT] comes with its own set of risks as there’s no sure-fire way to know whether or not the vendor has taken all steps to ensure the device is secure and up-to-date,” he said.

Industry experts suggested all smart devices should be segregated from other networks where invaluable personal information is stored and devices like personal laptops and smartphones operate.

“By connecting smart devices to a separate network, users lessen the potential damage, should an attacker gain access,” Mr Jadallah said.

Four tips to secure IoT networks

Mohammed Abukhater, vice president at FireEye in the Middle East, said:

- Keep device software up-to-date. Most come with basic operating system, so users should ensure that they always have the latest version

- Besides a strong password, use two-step authentication. There should be a second log-in step like adding a code sent to your mobile number

- Usually smart devices come with many unnecessary features. Users should lock those features that are not required or used frequently

- Always create a different guest network for visitors