Not So Smart Appliances?
The internet revolutionized the way we communicate a long time ago. Thanks to the rise of the phenomenon that is Internet of Things, it seems the internet is destined to revolutionize our appliances as well.
The days of a coffee maker being just a coffee maker are long behind us. Today’s smart coffee makers can do everything their distant brethren could, but with the added touch of wireless controls and scheduled shots of caffeine. Who’s got time to wait for the drip when you can have a cup steaming and waiting for you at a time of your choosing? After all, isn’t convenience what the 21st century is all about?
Unfortunately, smart coffee makers can sometimes be the not-so-smart choice for a business organization.
The Cybersecurity Risks of a Smart Coffee Maker
In case of a network invasion, most companies look towards their computers, smartphones, and even employees with the eye of suspicion. But sometimes, the innocent coffee maker sitting at the corner turns out to be the culprit that moved the gates wide open for the attackers to march in.
While the dangers of smart appliances don’t come to us intuitively, the risks are there no less. Any network is only as secure as its weakest link. As it turns out, smart appliances almost always turn out to be the weakest link on average.
We’ve found that an effective way to elaborate the risks of smart coffee makers and other IoT-enabled appliances is with the help of a real-world story. Let’s look to Martin Hron from Avast for the perfect illustration.
Martin made headlines a while back with his demonstration of hacking a smart coffee maker. As the smart appliance had zero protections, all the ethical hacker had to do was to connect to the Wi-Fi network and send malicious code to the machine. Within minutes, he had complete control over it.
Now you might be wondering how bad can a hacked coffee maker be? It’s not like a few wasted cups of coffee before you plug the thing out are going to do any damage to your business.
Unfortunately, as Martin showed, such an attack can not only overheat the burner and cause a potential fire hazard, but it can also compromise other devices on the network. We’re not just talking about other smart appliances either, as computers and smartphones can also be targeted this way. The coffee maker ends up acting as a rogue gateway to your entire network.
As you can imagine, this can result in all sorts of damage, from your most sensitive files getting locked and held for ransom to your credit cards and bank details getting stolen.
Does This Mean You Should Say Goodbye to Your Beloved Coffee Maker?
With all the gloomy details covered, let’s talk about the good news. You don’t have to throw that smart coffee maker away just yet. Here are some steps you can take to enjoy the perks of IoT products without any serious risk:
- Set up a strong password for every smart device. For the sake of convenience, many brands add the feature of password-free connections. Resist the urge to keep it that way.
- Be sure to install the latest firmware updates. Any respectable brand will patch exploits that might let attackers compromise your device. The only way to get such patches is to keep your devices up-to-date.
- The holy grail of IoT protection is to set up a separate, dedicated network for them. Keep this network completely isolated from your work network, the one with your computers, smartphones, servers, and other critical infrastructure on it. This way even if an attacker takes control of your smart devices, they won’t have access to any of your business-critical systems. You can simply turn off the network for your smart appliances until the issue is resolved.
Those tips will keep your smart device usage as safe as possible. However, it’s always a good idea to ditch any devices you don’t actually need. There’s no point in installing and protecting a smart speaker or a soap dispenser if you don’t absolutely need one in the first place. The fewer devices you add to your network, the lower your risk will be.
If you have questions about your organization’s cyber security, contact me at 888-782-7003 or 781-303-0910. To learn more about Optistar’s technology solutions, visit here. If you’d like to schedule a 30 minute consultation, you can do that by visiting here. We would love the opportunity to speak with you and answer any questions you may have.