New ESET/NCSA Survey Explores the Internet of (Stranger) Things

Next story

Today, ESET and the National Cyber Security Alliance jointly released survey results that reveal the unease with which people approach our increasingly digitally connected lives. Internet-connected home appliances, toys, automobiles and a myriad of smart-gadgets certainly open up new possibilities. But do they also expose a portal to more insidious forces?

Consider some of these survey highlights as daily life comes face-to-face with the unknown.

Nearly one quarter of consumers have an Internet-connected device such as a thermostat or appliance in their home, and use an app to control it. Yet, more than 40% are “not confident at all” that IoT devices are safe, secure, and able to protect personal information.

While 85% know their webcams could potentially be accessed by unauthorized persons, 36% percent have not taken any preventive measures. And 29% believe their webcam has actually been accessed.

While the router serves as the gateway to every connected device in the home, a near-majority haven’t taken the most basic steps to protect themselves. And, nearly 80% have seven or more devices connected to their home router, however only 30% have changed the password from the factory default and another 20% can’t remember if they have.

In fact, 72% are more concerned with hackers invading their computers or smartphone than they are with rats getting into their house. Strange times, indeed!

Like to know more about the survey results? We’ve highlighted some of the results below in the “Internet of Stranger Things” infographic, and you can also read the summary of the survey data and key takeaways. But we’d be happiest if you just take a little time to check out the below infographic, and the not-so-strange tips from ESET CEO Andrew Lee.

1. Change the default password on your home router every three months:

As this survey demonstrated, not many consumers change the default password that comes standard on their home routers. This means that a hacker can easily gain access to their router by guessing the password that comes default on common routers. Changing this password to something new every three months ensures that even if you share the password or it’s accessed by some other means, you keep your router more secure.

2. Ensure software for all devices and connected systems is up to date (including router firmware):

Manufacturers and software providers frequently issue product updates throughout the year. While some of these changes include new features that are available, or adjustments to an interface, they are often security related as well. Keeping software up to date on all connected devices ensures you have the latest protection the manufacturer/developer offers, which is your first defense against cyber threats.

Most consumers don’t think to update router firmware, the code and data that allow routers to function. Adding to that, routers have long shelf lives, which means that by the time it’s replaced, its software is often very out of date. To determine whether your router’s firmware is up to date, identify your router’s model number and visit the manufacturer’s site to see whether there is a newer version available to download.

3. Confirm whether your home security software features router protection:

Home security software is one important layer in protecting your personal data and information. Some home security software now features router protection, which allows you to easily view and manage the devices that access your network. If a device that you don’t recognize is accessing your network, you can elect to block it. You can also add a master list of authorized devices and then set it so no other device will be able to join the network. (On a router, devices are identified by something called a MAC address, which can be found in its network settings.)

4. Ensure you understand what data is being collected and stored by your connected devices:

As most consumers know, the data we generate and information we transact online with is extremely valuable if it ends up in the wrong hands. Because of this, it’s critical that you are aware of what data your connected devices collects, how it is stored and how it is shared. While it would cause a red flag if a connected fridge asked to access something such as your home security system, you might not think twice about letting your connected heating system store your weekly data log. However, a criminal that gains access to that log because it’s not securely stored can tell when the home is not heated or the heat is turned down, signifying your home is vacant. Further, if that data log is shared with other vendors for sales leads, you lose track of just who has the information. Familiarizing yourself with the data/privacy policies of your connected devices is critical to ensure you understand the type and quantity of data that is being collected and how it is being stored.

5. Limit device/app privileges:

As with apps accessed on a mobile device, you should look to limit the access and privileges your connected devices have daily. Should your toaster be able to access your contact list? Will the fridge ever need to communicate with your front door lock? Ensure devices and apps don’t have free rein to communicate with entities they don’t need to so that even if one device is breached, it does not mean all your connected devices can be accessed.