The holiday gifting season is in full swing, but so too, the potential for holiday hacking.
Connected devices and consumer gadgets such as laptops and PCs, streaming media devices, drones, wearables, smart home products – even Christmas lights themselves – can compromise your online safety, security and privacy.
In fact, hackable holiday gifts can be a threat to all of us if they are not used wisely or if they are left unprotected when hooked up to the ever-widening Internet of Things.
IoT devices have been used in recent cybersecurity incidents that compromise the privacy of their owners and the security of the Internet overall.
Barely two months ago, a major Web attack took down Shopify, SoundCloud, Spotify, Twitter and other popular websites; hackers can use unsecured webcams and other things connected to the Internet as their break-in tools.
Another website was streaming live video from literally tens of thousands of connected webcams that had been hijacked; the cameras (being used in both residential and commercial settings) were unsecure because users did set them up properly – or safely.
Video cameras and many other connected devices come with built-in username and password options so that owners can use and manage their gadgets. But factory default settings are easy to hijack, and connected gadget owners must take the steps needed to ensure the device has the latest updates, patches and individually customized password settings.
So, while gadget manufacturers surely have a duty to design privacy, safety and security tools into their products, so too, consumers have a duty to protect themselves and each other by being educated about their device and using safety tools that are available.
“Connected devices are a popular holiday present because they offer convenience and entertainment,” said Brenda Moretto, Canadian consumer manager with Intel Security. “But Canadians need to be aware that connected devices that aren’t properly secured can expose important personal and financial information.”
# # #
Intel advises holiday gift- and gadget-loving techies to heed its tips for safe, secure and private uses of devices connected to the Internet of Things:
Securing the devices itself, not only through use of robust passwords and user IDs, but also with the installation of security enhancement and virus protection software.
Of course, connected devices are only as secure as their connection, and the use of smart home apps or any connected device across public Wi-Fi can expose users to risks.
Device software should be kept up-to-date with authorized updates and software patches, and of course, strong passwords, PINs, even biometric authorization (fingerprint or face scanning) should always be used with any connected device.
# # #
Last year tech analysis firm Gartner estimated that over 5 million new things get connected every day, and the company said over 20 billion connected devices will be in use by the year 2020.
Seeking some ways to come to grip with those 20 billion potential threats, the Office of the Privacy Commissioner of Canada (OPC) has participated in a Global Privacy Enforcement Network’s annual privacy sweep, in which 25 data protection authorities from around the world looked at 314 devices. The OPC focused on health devices, like fitness trackers and heart rate monitors, while the other partners looked at everything from connected toys to smart TV’s and cars.
In describing what risks and potential threats the survey found, the OPC’s Director of Technology Analysis Luk Arbuckle noted that great potential, promise and power of the Internet of Things also comes with great responsibility, again, both from the manufacturer and the user community.
Intel Security’s chief consumer security evangelist Gary Davis has posted his holiday advice about hackable gift-giving in a recent blog post, and the OPC has also launched a privacy blog filled with tips that can help all of us have a safe and secure holiday and a happy New Year.