Cybertip: Things to watch out for in the Internet of Things

20.04.2023 - The Internet of Things (IoT) offers many advantages: heating systems, fridges, TVs, WiFi routers and various other devices can be connected to the internet, allowing them to be operated and monitored remotely. In manufacturing too, entire production processes can be operated via the internet. Yet, in addition to all the opportunities and convenience, the IoT also carries risks. What exactly is the IoT, and what opportunities and risks does it involve?

The Internet of Things (IoT) refers to devices and physical objects which can be connected via cable or wirelessly to a network such as the internet, and which can use the network to communicate with each other or to provide information. If such a device is connected directly to the internet, rather than only to the private network, authorised users can consult the information remotely and even operate the devices remotely, which means that data and devices are exposed as a result. It is all the more important to have protective measures to prevent unauthorised access.

Advantages of the IoT

The IoT offers many advantages. In a smart home, various everyday appliances are networked: coffee makers and washing machines, which the user can switch on while on their way home; fridges that tell us when we are about to run out of milk; thermostats which can be used to control the heating; and light switches. This brings greater comfort, energy efficiency and even improved security. For example, smoke detectors which automatically send information to users' mobile devices or alert the emergency services can help to save lives.

In manufacturing, machines, tools and systems can be interconnected. Individual processes and whole process chains are networked and automated by making the individual components communicate and synchronise with each other. This offers considerable advantages, especially in production, inventory and logistics.

Risks of the IoT

Although many users know that they need to protect computers and mobile phones that are connected to the internet, they are less aware of the security risks relating to IoT devices.

Each device that is connected to the internet and insufficiently protected is vulnerable to attack by cybercriminals and offers a gateway into an entire network. Webcams, printers, security cameras and smart TVs are just some of the devices that have already been hacked. Often, they are purchased and then left in their standard configuration. As a result, they are protected by only the standard password, which can be easily hacked. Missing security updates, for example, also mean that they are not up to date. If such an unsecured device can be accessed directly from the internet, it is easy for attackers to hack it.

Shodan – the search engine for the IoT

Like websites, devices that are connected to the internet can also be searched and found using search engines. This is where search engines like Shodan come into play. To understand how Shodan works, we need to understand the difference between the world wide web (www) and the internet. People generally refer to the world wide web and the internet as if they are the same thing. But this is not the case. The internet is a global federation of networks in which any connected device can connect to any other, for instance a smart watch or a surveillance camera, in other words to devices in the Internet of Things. By contrast, the world wide web is "only" an internet service which allows websites to be transmitted and their content to be presented in a web browser. The www represents only a tiny portion of what is actually connected to the internet. To find www content (websites), people can use search engines such as Google or Bing.

Shodan can be used to find devices and systems that are connected to the internet, which is why it is also known as a "search engine for the IoT". Shodan scans IP addresses connected to the internet, looking for open ports and analysing the results. These results are entered in a database, which the user can search for specific key words and filter according to criteria. For example, the database can be searched for terms such as "webcam", "smart TV" or "printer". If any entries are found that correspond to the search terms, Shodan delivers the results together with some additional information. Among other things, it shows IP addresses and ports which can be used to access the devices.
However, this also means that devices which are directly connected to the internet can be found by anyone, without the need for specialist knowledge. It is also possible to see details about the installed software version and therefore to tell whether a device is vulnerable. Cybercriminals use this information for their attacks. It is thus important to protect all IoT devices from unauthorised access.

Tips:

• When you set up a device, set your own password instead of the standard password;
• Use a complex password for access (at least 12 characters, including numbers, letters and special characters) and, wherever possible, a second authentication factor;
• Make sure that IoT devices are up to date;
• Always install updates immediately;
• Make sure that IoT devices such as webcams, smart TVs and printers cannot be accessed via the internet if this is not necessary for their operation;
• If access via the internet is necessary, other risk-reducing measures must be implemented. One option is to secure access to the IoT device via the internet by means of a VPN connection. Alternatively, you can restrict access via the internet by using an IP address filter (which permits only certain IP addresses to access the device) or a GeoIP filter (which restricts access to the device to Swiss IP addresses, for example).