IoT devices are no more only targets of cyber attacks. They have evolved to an upper level where they can be used as a cyber attacking platform in DDoS attacks as Zombies.
As a normal but disturbing result because of these DDoS threats the importance of the security of the IoT devices became an important issue. There are many ways to secure the IoT devices. Below there are some important actions to make the IoT devices more secure:
1) Do change the default passwords of your IoT devices.
2) One of the very basic and important security rule: Disable TELNET and HTTP access to your IoT devices. Use SSH and HTTPS instead of them.
3) If you don't need to connect your IoT devices remotely then DO disable remote access to your IoT devices. (Yes, disable even SSH and HTTPS.)
4) Put your IoT devices into another segment in your LAN and restrict accesses to your IoT devices with firewall rules or ACLs if possible.
5) Use WPA2 encryption for the wireless connection of your IoT devices. Try to not choose easily predictable passwords.
6) Expose your IoT devices to penetration tests. Let also your IoT devices be included in your penetration test scope. Do not neglect them.
No comments:
Post a Comment