The recent distributed denial-of-service (DDoS) IoT attack against DNS is a wake up call to how fragile the Internet can be.
The IoT attack against Domain Name Servers from a botnet of thousands of devices means it’s way past time to take IoT security seriously. The bad actors around the world who previously used PCs, servers and smartphones to carry out attacks have now set their sights on the growing tidal wave of IoT devices. It’s time for consumers and enterprises to protect themselves and others by locking down their devices, gateways and platforms. While staying secure is a never-ending journey, here’s a list of twelve actions you can take to get started:
- Change the default usernames and passwords on your IoT devices and edge gateways to something strong.
- Device telemetry connections must be outbound-only. Never listen for incoming commands or you’ll get hacked.
- Devices should support secure boot with cryptographically signed code by the manufacturer to ensure firmware is unaltered.
- Devices must have enough compute power and RAM to create a transport layer security (TLS) tunnel to secure data in transit.
- Use devices and edge gateways that include a Trusted Platform Module (TPM) chip to securely store keys, connection strings and passwords in hardware.
- IoT platforms must maintain a list of authorized devices, edge gateways, associated keys and expiration dates/times to authenticate each device.
- The telemetry ingestion component of IoT platforms must limit IP address ranges to just those used by managed devices and edge gateways.
- Since embedded IoT devices and edge gateways are only secure at a single point in time, IoT platforms must be able to remotely update their firmware to keep them secure.
- When telemetry arrives in an IoT platform, the queue, bus or storage where data comes to rest must be encrypted.
- Devices and edge gateways managed by an IoT platform must update/rotate their security access tokens prior to expiration.
- Field gateways in the fog layer must authenticate connected IoT devices, encrypt their data at rest and then authenticate with upstream IoT platforms.
- IoT platforms must authenticate each device sending telemetry and blacklist compromised devices to prevent attacks.
Keeping the various components that make up the IoT value chain secure requires constant vigilance. In addition to doing your part, it’s important to hold the vendors of the IoT devices, gateways and platforms accountable for delivering technology that’s secure today and in the future.
You might think that once a sale has been made, or an email subscription confirmed, that your job is done. You’ve made the virtual handshake, you can have a well-earned coffee and sit down now right? Wrong! (You knew we were…Continue
Anyone who has ever had to justify social media spend will appreciate that it feels good to have figures to cling to. We know that a lot of the value is relatively intangible – it’s about sentiment, awareness, relationship…Continue
Snapchat is, relatively speaking, one of the newbies on the social media block. First launched in 2011, it started with a less than desirable reputation. “Is that the one that people use to send dirty pictures when they’re…Continue
When you think of social channels like Facebook, what do you picture? Is it people over sharing feelings and pictures of their children? Do you imagine it to be chock full of personal complaints, boasts and holiday snaps?…Continue
Just hit the big red "block now" button and say goodbye to robocalls, telemarketer calls, solicitor calls, elections calls, junk faxes or anyone else you'd prefer not to hear from. This small and discreet gadget can also block international and…Continue
The big reveal this week in the world of updates was Android O, which gives us a glimpse of the next generation of Google’s operating system. But for so many owners, all they want is their taste of Nougat.
A lucky few are getting that this…Continue
If Apple’s shiny new red iPhone 7 caught your eye on Tuesday when it was first…Continue
With this cable, Anker boasts reinforced stress points with a 10000+ bend lifespan, double-braided nylon exterior and toughened aramid fiber core, laser-welded connectors and a worry-free 18-month warranty. The micro-USB cord is a generous 6 feet…Continue