IoT Security: Why Your Toaster Needs a Firewall
There’s been a rash of bad news about IoT security breaches that is justly raising concerns about the looming threat of cyber-attacks. However, IoT security challenges are far over the heads of non-technical consumers who enjoy smartening up every single item in their households and are eagerly awaiting new fad inventions. There’s a salient component that is all too often an afterthought: IoT device security seems to be less of a concern to manufacturers rushing to hit the shelves. Meanwhile, malicious super bots are prowling around, trying to turn your gizmo into a zombie. So if your toaster is not behind a firewall, you’re toast!
Smart but not secure
As with any emerging technology, there’s a dark side to IoT. Along with a wide variety of connected appliances finding their way into our homes, came an equally wide variety of IoT security challenges posed by smart devices. These addictively convenient gadgets that make our lives more comfortable, also make our homes more vulnerable. Connected devices are ridiculously easy to compromise, so what they offer in convenience and efficiency, they lack in security. IoT products have limited compute resources, use a stripped-down version of Linux and don’t often receive critical updates and patches. IoT device security is also undermined by the use of default or weak passwords.
Hackers never rest, neither should you
Just how paranoid should you be about the appliances in your smart house? You might be thinking, ‘Who’s going to try and hack my toaster? Why would a hacker find me? After all, the Internet is huge. Right?’ Wrong! Each time you hook up a poorly secured gadget to the web, it becomes a matter of when, not if, you will be hacked.
As connected devices are multiplying at a chaotic pace, nefarious bots are probing for IoT vulnerabilities across the entire cyber space – and their next target can be your smart toilet, baby monitor or door lock. Remember that story of a fake web toaster hack? As an experiment, The Altantic set up a honeypot, an attractive trap for catching hackers, to find out how quickly it would take for someone to attempt a breach. They didn’t have to wait long. The first attack came in less than an hour, and by the end of the day, the toaster had been attacked over 300 times! That might finally be the cold shower to IoT security slackers.
The hacker’s dream
So what do you get with this vast network of unguarded smart devices? It’s a hacker’s dream come true. Connected homes are attractive targets for attackers because of their sheer numbers. More appliances mean more opportunities for intruders to infiltrate networks, plant malware and conscript new recruits into their armies of zombie machines. With this massive chain of infected devices, hackers are able to traffic-overload their target and launch a sophisticated denial-of-service attack, bringing the Web to its knees.
IoT security is inseparable from safety. Hacks can even pose a threat to human life. Imagine criminals controlling your car’s steering and brakes, hacking an implanted insulin pump or causing your toaster to blow up in your kitchen… well, you got the idea.
For now, weak IoT device security is something we’ll have to live with until manufacturers beef up built-in protection in their products. But with all that’s been happening on the internet these days, you just can’t let all that gear sit ‘naked’. The simplest way to stop cold these brute force attacks is by blocking hackers from accessing your network. That’s where a firewall comes in.
Keeping the fire out
Just like a physical construction that prevents the spread of fire, a firewall acts as a protective barrier between your network and the Internet. It is your first line of defense against viruses, bots and other malicious code constantly attempting to attack your devices. A solid firewall blocks the traffic that you have not specifically requested, while still allowing all legitimate communication with the outside world to run freely.
Think of it as a gatekeeper who won’t let anyone enter or leave your network if they don’t have permission. Firewalls work in a similar way. They scrutinize incoming or outgoing data for any potential threats to the system. Firewalls use a ‘wall of code’ that inspects every single ‘packet’ of information to decide whether it should be allowed or rejected based on a set of predefined security rules.
Away from prying eyes
Not only do firewalls keep unsolicited traffic out of your network, they can also ‘hide’ your Internet-connected home from view. When you go online, you become visible to the outside world through thousands of ports that can open the door to malware raids. The idea behind a firewall is to close the ports you’re not using, so that the outside can’t see you unless you want them to.
There’s a new IoT security sheriff in town
A smart firewall is becoming the next hot thing in IoT security, bringing business level internet protection to connected homes. This gadget is usually pre-configured and, once plugged in, it starts doing its magic, shielding your entire network from outside threats.
A smart firewall uses cloud-based intelligence, machine learning and behavior analysis to identify and block any suspicious activity, detect IoT vulnerabilities and plug security gaps. It continuously inspects the metadata of each incoming or outgoing packet, analyzes the behavior of millions of devices, and applies learnings from one network to all other networks sheltered behind this new breed of firewalls. When a smart firewall discovers a new attack, it immediately updates its cloud threat library and alerts you (along with all other users) through its companion mobile app. With this shared intelligence, your device is always on guard, constantly upgrading itself to create an even safer environment for your equipment.
No farewell to firewalls
Even though firewalls often get bashed as being far from impenetrable and producing a false sense of protection, they still have a significant role to play in keeping smart homes safe and remain one of the critical building blocks of sound IoT security. However, it is only with the combination of best security practices, right tools, technologies and strategies, proactive measures, AND a good firewall that you can win the cyber security battle against the army of evil toaster botnets.