By the end of next year, more than 20 billion devices are expected to be connected to the internet.
It's easy to see why. Almost everything we purchase today can be connected to Wi-Fi networks including lights, water sprinklers, refrigerators, toys, watches, shoes - even golf clubs. Not to mention your cellphone, laptop and automobile.
While the so-called Internet of Things (IoT) devices make life more convenient, they exponentially increase cybersecurity risks. Each connected device represents an opportunity for hackers to break into a network.
In recognition of the increased risk, the FBI recently issued a public safety alert urging people to take steps to protect themselves.
The FBI noted that hackers like IoT devices "because they provide a layer of anonymity by transmitting all Internet requests through the victim device's IP address. Devices in developed nations are particularly attractive targets because they allow access to many business websites that block traffic from suspicious or foreign IP addresses."
Criminals use IoT devices for many purposes, including to provide anonymity, send spam e-mails, buy and sell illegal goods, and sell or lease IoT botnets to other cyber actors for financial gain.
Hackers typically compromise devices with weak login credentials, unpatched firmware or other software vulnerabilities, or employ brute force attacks on devices with default usernames and passwords.
According to the FBI, signs that that you may have compromised devices include:
- A major spike in monthly Internet usage;
- A larger than usual Internet bill;
- Devices become slow or inoperable;
- Home or business Internet connections running slow.
The FBI recommends taking steps to help prevent your devices from being compromised, including:
- Reboot devices regularly, as most malware is stored in memory and removed upon a device reboot. It is important to do this regularly as many attackers compete for the same pool of devices and use automated scripts to identify vulnerabilities and infect devices.
- Change default usernames and passwords.
- Use anti-virus regularly and ensure it is up to date.
- Ensure all IoT devices are up to date and security patches are incorporated.
- Isolate IoT devices from other network connections.
You can find additional information on cyber threats to IoT devices in the FBI public service announcement, "Common Internet of Things Devices May Expose Consumers to Cyber Exploitation."
If you suspect your IoT device(s) may have been compromised, you can file a complaint with the Internet Crime Complaint Center at www.ic3.gov.