The Internet of Things (IoT). The latest techno babel buzzword. What does it mean?
Simply put, things, or devices, above a beyond computers, phones, and tablets, which connect to the Internet. The list of devices that fall under that title of IoT would amaze you. It includes things like TV’s, thermostats, light switches, refrigerators, and even ovens.
Manufacturers want to make our life easier by keeping us connected to our juicer–a noble cause to say the least. As manufacturers continue to focus on function, they may lose sight of the fact that the Internet is still the Wild West, and the lawmen just can’t keep up.
Mirai is a nasty bit of malware that scans networks looking for connected devices–generally running Linux. Before you breathe a sigh of relief because you only have Windows PC’s and or Macs, remember that the manufacturer of your new IoT Bread Maker didn’t want you to have to eat the cost of a full Windows License. So it’s running on a scaled down open source Linux platform.
But I Just Wanted Toast
Like many of us–yes even those like me who actually work in technology–I don’t need to control my toaster from anything more than that little lever on the side.
So if I were to buy the latest IoT Toaster, I’d connect it to my WiFi so I can program the proper done-ness of my toast, and most likely never setup toasting alerts, crumb tray full alerts, or even configure a username and password beyond the default. It just a toaster right?
This is a common scenario. We know that most IoT devices are not storing sensitive information, so we don’t take the time to update firmware or set usernames and passwords.
Malware like Mirai takes advantage of this habit we share and transforms our IoT devices into Decepticons, or more accurately, DDoS Bots.
Keeping Your Connected Life Secure
Start by disabling the connectivity functionality of devices that you don’t need to be connected. Disconnect those devices from your WiFi.
Upgrade the firmware on the devices you want to be connected, and change the username and password.
Make it a habit that every new IoT devices you install should start with a firmware upgrade and a new password. These simple steps can keep your IoT devices safe.