A casino was hacked through a fish tank in April. Just saying that sentence out loud a couple of years ago would have put me on anti-psychosis medication but today it’s an actual risk!
Since it appears all these IoT’s (the concept of basically connecting any device with an on and off switch to the Internet) are inherently insecure, then it’s better to assume that someone else may be in them from the outset...but what can I do about it? I still want to open my garage door from my phone and look at my doorbell when it rings from the office and also change the temperature of the house without having to walk 5 feet to change it manually like a caveman. So… what do we do?
Imagine you are driving down the road and all the cars on your side of the street are going in the same direction and every car is evenly spaced out. Everyone is respectful and keeping to themselves. This is what your normal network should look like. Each car is a different computer, or server, or device on your network all working in symmetry .
If a bad actor (what we call hackers these days) manages to take over driving one of the cars, she’s in the race. Once she is in the race, then she can try attacking everything else on the network by using that first car (device) as a launching off point. This really does remind me of the Agents in Matrix Reloaded jumping from car to car causing chaos and causing cars (devices) to crash and burn. Now, your road has turned into fury road.
Back to the question at hand… what do we do about it?
Build another highway, that’s what. Create a separate network (this can be done virtually without any more systems costs if you have the right equipment) that you put all your theremostats, smoke alarms, auto pet food dispensers, garage door openers, toilet seats, even your own newborn baby devices onto. Stop those IoT devices from being able to talk to your normal computer network. All those devices can be interfaced from the cloud through the internet anyway, so don’t risk exposure by putting your next IoT device on your standard corporate WiFi. This exposes you to risks that can actually be pretty severe!
Karl Fulljames | VP of Operations