by Jordan Wills, Cloud9 Smart
There is a theory that anti-virus companies are behind the viruses they protect against. Or maybe the culprits are hackers-for-hire, employed by companies or even nations out to embarrass each other. Genius pre-teens who just want to impress their friends? The recent DDoS Internet attack is a sobering reminder that the Internet is not invincible, and neither are the things we connect to it. Just after 7 a.m. connected devices across hundreds of thousands of homes and businesses were used to bombard a major switchboard, taking down Twitter, Netflix, Spotify, Airbnb, Reddit and more. Not to fear-monger but a conversation on security seems prudent.
How were these devices hacked? Some didn’t have passwords (a lot of IP-enabled cameras for example, don’t have passwords.) Others used the most common ones like “admin” and “12345” and were hacked in droves via a simple program that threw these passwords one after another at each device. Successfully commandeered gadgets were then used to bombard Dyn DNS (a company that routes traffic for many popular websites), overloading its circuits. It’s a wonder how many people bemoaned the outage, unaware their own home was assisting in the attack.
It is estimated that upwards of 500,000 IP-enabled cameras and DVRs were infected with the Mirai DDoS hack, and utilized to take down the DNS server.
Most of the hacked devices were older, designed when network security was less of an airtight necessity for certain applications. Nevertheless, it serves as a reminder that vulnerability points will always be followed by those looking to take advantage of them, and unrecognized access to your security cameras is troubling for more important reasons than a temporary inability to Tweet. As connected devices multiply across the home so do the potential vulnerability points for unwanted access. If it ever made sense to trust out-of-the-box security for every device, it’s making less. Homes need protection at the entry point. They need firewalls.
A firewall serves as a gateway between your network and the rest of the world. Businesses require robust firewalls to protect their information and manage the whirl of office activity. While enterprise firewalls are overkill for residential needs, many are finding the need for some sort of protection at the door of their connected home. There are a lot of options out there, and Cisco’s Meraki is our favorite. Meraki’s intrusion detection engine uses an arsenal of approaches to identify and protect against malicious entities and threats. It allows you to limit how much access each device has on the network, and how much access each member of the household has on the Internet.
It’s important that you find a home systems integrator who uses brands that take security seriously. The recent hacking fiasco highlights the dangers of relying solely on each device’s security. Just like we wouldn’t allow the rest of the Internet to access to our business’s intranet, protection on the home front is becoming just as important. That’s why network security, remote management and ongoing support are key components of our smart designs.