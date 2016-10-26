Earlier this week, a large distributed denial of service (DDoS) disrupted a significant portion of Internet traffic, starting on the U.S. East Coast, spreading to the West Coast and ultimately Europe. This attack was significant to business and individuals for two reasons: the size of the attack, and the fact it was driven by insecure Internet of Things devices that are trivially easy to identify and exploit.

The term Internet of Things (IoT) is used to describe a galaxy of wildly different devices, from baby monitors to smart home products, medical devices to airliners, that cost hundreds of millions of dollars.

From the appliances and thermostats in our homes to apps and wearables that track our health and fitness to the vehicles we drive and the streetlights and traffic signals that guide us on the road, smart technologies are becoming increasingly interconnected with our everyday lives. And they have the potential of exposing us to security risks at a personal and business level.

Take an incident that occurred years ago in the home of Heather Schreck. Around midnight, Schreck was startled by a man’s voice in her daughter Emma’s room. Schreck noticed the baby monitor camera move and heard a voice saying, “Wake up, baby, wake up, baby” emit from the device. Schreck’s husband, Adam, ran into Emma’s room, saw the camera turn toward him, and heard obscenities targeted at him. He unplugged the camera.

Smart technologies are becoming increasingly interconnected with our everyday lives. A new ESET/National Cyber Security Alliance study on the Internet of Things — the connectivity of a wide variety of “things” to the Internet — reveals that 56% of consumers own up to three devices, not counting their computers and smartphones, that connect to their home routers, with 22% having between four and 10 additional connected devices and 3% owning more than 10.

Despite the growing number of connected devices in the home, however, 43% of respondents reported either not having changed their default router passwords or not being sure whether they had done so.

Here are some things you can do at a personal level.

Wi-fi router

The network router is becoming the most targeted for attacks and an entry point of exposure into our homes. More than 50% of all routers worldwide have a default or basic username and password combinations, like “admin” and “password,” while an additional 25% had the user address, birthday or name as password, as noted by Avast Software. People are advised to:

Use a strong password.

Keep it up to date.

Give it a name that does not reveal it belongs to your family.

Digital video recorders

Set top boxes in homes that are used to record TV shows are another high target for attacks. Compromised DVRs have been linked to recent massive DDoS attacks, and researchers have warned of attackers creating large botnets of such devices for use in various malicious ways.

As with home routers, DVRs often ship with poor to nearly nonexistent security controls. Many are connected to the Internet with hard-coded or default passwords and user names.

Applications

Be careful what you download.

Delete applications when you are done or don’t need them.

Protect your online presence

Research your devices before purchase.

Know what information they collect, manage and store.

Protect your online accounts

• Enable strong authentication, such as biometrics, security keys or using a unique one-time code through an app on your mobile device.