FBI recommendations on consumer IoT security

Back in September, the FBI issued a security warning for the IoT, how it brings opportunties for criminals:

http://news.softpedia.com/news/fbi-issues-alert-on-the-security-of-internet-of-things-iot-devices-491566.shtml

Excerpt of their recommendations:

Consumer Protection and Defense Recommendations

* Isolate IoT devices on their own protected networks;
* Disable UPnP on routers;
* Consider whether IoT devices are ideal for their intended purpose;
* Purchase IoT devices from manufacturers with a track record of providing secure devices;
* When available, update IoT devices with security patches;
* Consumers should be aware of the capabilities of the devices and appliances installed in their homes and businesses. If a device comes with a default password or an open Wi-Fi connection, consumers should change the password and only allow it operate on a home network with a secured Wi-Fi router;
* Use current best practices when connecting IoT devices to wireless networks, and when connecting remotely to an IoT device;
* Patients should be informed about the capabilities of any medical devices prescribed for at-home use. If the device is capable of remote operation or transmission of data, it could be a target for a malicious actor;
* Ensure all default passwords are changed to strong passwords. Do not use the default password determined by the device manufacturer. Many default passwords can be easily located on the Internet. Do not use common words and simple phrases or passwords containing easily obtainable personal information, such as important dates or names of children or pets. If the device does not allow the capability to change the access password, ensure the device providing wireless Internet service has a strong password and uses strong encryption.

Full article:

http://www.ic3.gov/media/2015/150910.aspx

 

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s