Strong passwords provide good defense as Internet of Things grows

Like leaving the front door of your home wide open when you leave, many people leave personal information online for anyone to find.

Security cameras, cars and even refrigerators are getting upgraded to connect to the internet, which means more daily interactions are done online. The connections make some tasks easier and more efficient, but the devices also come with new risks.

Many people don’t think about how easily those things can be hacked. A family in Denver, Colorado recently walked into their baby’s room to find a stranger watching and talking through a baby camera.

Those monitors, as well as other internet-connected devices, such as thermostats, children’s toys and virtual assistants like Google Home and Amazon Echo, are just some of what’s called the IoT, or Internet of Things.

Jake Seaton is part of what’s helping the IoT industry grow to an expected 24 billion devices by 2020. One estimate puts that at four devices for every person on the planet: Seaton has five Amazon Echo devices in his home.

“I change the channels. I can turn up the volume. All with my voice,” Seaton said.

The devices even turn on his coffee pot.

Seaton admits the connected nature of the devices can be a bit scary, and security experts agree.

Jon Sternstein owns Stern Security, a data security consulting company. Sternstein is one of the experts who wonder about the images the devices capture or the conversations they overhear.

“You have to think that when you talk to Siri, that has to be sent to Apple. Apple has to process that to understand what you said and then send the information back to your phone,” Sternstein said.

That simple voice command to Siri involves many internet-connect devices. Even kids’ dolls and robots are being questioned.

The Federal Trade Commission is looking into a complaint that some toys spy on kids. A consumer watchdog group said the makers collect personal information to set up the toy, records conversations as kids play and then shares that information with third parties.

“At a certain point, you don’t really know who would have access to your information,” Sternstein said.

Sternsteirn also warned that some IoT technology can be used for high-level hacking.

“A lot of these devices can be used to attack other systems as well,” he said. “So, even your refrigerator, (hackers) don’t care about turning your refrigerators off. They might want to use that refrigerator to attack another machine on the internet.”

In October, hacked home devices, like DVRs and routers, were used in a massive attack that took down service to popular sites like Amazon, Twitter and Netflix. The attack, called a distributed denial of service, used hacked devices to send tens of millions of requests to overwhelm internet servers.

There are ways to safeguard your devices against hacks, though.

Security experts say making hard-to-crack passwords is the best step to online security. They also said people should always change the passwords that come with the device, especially for things like internet routers, which can look secure but are generally just one in a series.

For secure passwords, use a phrase that’s unique to you, and mix up the characters. When it’s possible, use two-factor authentication, which usually involves a text or email that gets sent to verify it’s actually you trying to sign in.

Another security tip: Run the manufacturers’ updates as soon as they’re sent.

Sos as you hook up your home for convenience, don’t skip security. Otherwise, it’s like leaving the front door wide open for hackers to invade your home.

An industry push with these devices is for manufacturers to increase security. Sternstein said it doesn’t seem to be a priority with many of them right now.