15 Apr

Cyber attacks hit businesses and private systems every day. When you’ve got millions of eyes in this ecosystem, cyber attacks can happen at any time. We’ve all heard about cybercrime, but what happens when you’ve got millions of devices, millions of different Internet-enabled devices that are connected to the internet?

Now you’ve got the Internet of Things. Millions of pieces of equipment, from baby monitors to food-processor fridges to electric toothbrushes, are connected to the internet. And if you’ve got millions of devices that have security vulnerabilities, that could be the perfect environment for a cyberattack.

We’ve recently seen examples of how attackers can exploit the IoTthe buzzword for what people are describing as connected home devices to create compromise points into these systems.

According to companies like Fortinet, by combining the right assets and the right plans, a cyber attack on this network could be very difficult or almost impossible to defend against. But there are simple things to do, which we call “active defense” for this new network of devices. Let’s talk about three of the best ways to defend these devices.

Staying one step ahead of attackers

Before a malicious party can successfully compromise one of your home-enabled devices, they’ll first need to compromise or attack a single target.

Taking advantage of a single compromised device also gives attackers the first-mover advantage. Once you’ve compromised one device, it’s much harder for an attacker to try to breach other devices you’re already in a good position.

Going offline is not an option

Many times, attackers try to penetrate the network by attacking the main IP address of the web server, which is often the IP address of the main router. The biggest downside is that if they manage to gain access to the web server, they have access to any and all websites the site owner has uploaded. If you run a financial website, that’s a bad day.

Instead, attackers prefer a man-in-the-middle (MITM) approach. They will typically use the victim’s Wi-Fi network to send command and control messages to a fake hotspot in the middle of the network, to then initiate a successful attack.

Getting a good-enough MITM connection is important because it makes it easier to control the affected devices. If you’re the web server owner, then you should consider using an HTTPS connection, which is more secure than HTTP. Doing so is easy: all you have to do is add a short hash mark ( // ) to the beginning of the URL and add the “http” and “https” prefixes. A short hash mark makes it impossible to inject a malicious code with a HTTP request.

If you’re responsible for connecting to your appliances and making decisions for the owner, you’ll also want to keep an eye on the traffic in your network. For this reason, you’ll want to apply IPSec VPNs to protect the connection between your devices and the rest of the network. IPSec VPNs protect both the end-user and the service provider’s network, allowing you to send trusted traffic between your devices in any number of different ways.