REGION – It was late morning and we were making our way to the exit of a “warehouse club” store when my wife came to a stop. No, we had not forgotten to buy something we didn’t need, and the tone of her voice was one of “puzzlement.” Her cell phone received a message from a refrigerator displayed near the store exit asking if she forgot to purchase milk or eggs. That was our first public encounter the internet of things (IOT). According to the consulting firm McKinsey and Company, IOT “describes physical objects embedded with sensors and actuators that communicate with computing systems via wired or wireless networks – allowing the physical world to be digitally monitored or even controlled.” Simply put, IOT is all that “smart” stuff we have that is in some way connected to the internet: cameras, phones, watches, health monitors, televisions, appliances, vehicles, and much more. By the end of 2023, there will be over 14 billion IOT devices in use, and the number will likely triple by the end of this decade.
The technology goes beyond convenience, and is rapidly becoming a necessity. Home monitoring, heart or diabetic monitoring, functionality of appliances, and communications are all part of the IOT world. But with the benefits come many risks. The risks appear to be similar to the risks faced by computer and tablet users posed by hackers, but there is a major difference: computers, tablets, and smart phones are designed and constantly updated with security in mind. Most IOT devices are not, and generally incapable of updating the operating software.
The risks also vary by device, and include the following: accessing home cameras, climate control, lighting, appliances, garage door, and more; tracking and disabling vehicles; and accessing critical medical systems such as a pacemaker.
If you maintain a home Wi-Fi network, one of the most critical and vulnerable devices that is internet-connected is your router. It is an almost invisible piece of internet life with which all you need to do is, in the words of a television advertisement, “set it and forget it!” It is critical because it connects all wireless devices to the outside world. It is vulnerable for that reason, and because older routers were not well-designed to cope with hackers. It is the ultimate plug-and-play device, and many users do not alter the default password setting. As a criminal hacker, if I know the router password, I can access any connected device on the network: TV, camera, computer, coffee maker, thermostat, and yes, that connected refrigerator.
Protecting yourself from hackers takes time and effort. Begin with your Wi-Fi router. Purchase a replacement if it is more than 5 years old. Whether old or new, change the device password regularly, regardless of if it is a default password or one you created.
Don’t enable an internet connection unless it is necessary for the device to function. For example, most flat-screen televisions allow you to connect directly with the manufacturer via the internet. While the connection allows you to receive information and troubleshoot any problems, it allows the manufacturer to collect data on your viewing habits and more.
If possible, be certain that the device operates with updated software. If the software cannot be updated, consider replacing the device with one that can be updated.
Use multi-factor authentication (MFA) if allowed by the device. With MFA, access to the device requires an additional step, often involving email or text messaging.
Conduct personal research to discover what personal information is collected by your service provider or the device manufacturer, and what is done with that information. Many providers collect personal information for marketing products and services, or to create a separate income stream by selling your data.
Finally, don’t connect to public Wi-Fi networks with portable devices. When possible, use a secure channel by creating a personal hotspot on your cellular phone.
The Internet of Things is growing, and we can’t avoid it as it becomes a part of everyday life. We need to be certain that it is working for us, and not for criminals.
If you have questions or comments, email egreenblott@aarp.org.
Elliott Greenblott is a retired educator and coordinator of the AARP Vermont Fraud Watch Network. He hosts a CATV program, “Mr. Scammer,” distributed by GNAT-TV in Sunderland, Vt., www.gnat-tv.org.