Security of the Internet of Things (IoT)

The rapidly adopted idea of everyday devices being interconnected and being controllable from across the globe has come to be known as the Internet of Things (IoT). In every home or business there are now connected devices such as lights, locks, thermostats, and even medical devices which have created a much larger attack surface for every network and could increase the possibility of serious damage if they are compromised. Connected devices are even found in hospitals, power plants, and other secure facilities. Safety and security of networks are imperative not only for secure military installations or infrastructure sites, but also at home, work, and schools to ensure the confidentiality of sensitive information and proper authorization to control systems. The list of IoT devices is growing rapidly, and many people are building their own devices while others are buying inexpensive, but highly rated “smart” products. We examined the risks associated with connected devices and the idea of a “Smart Home”. We demonstrated common vulnerabilities with the do-it-yourself (DIY) and purchased IoT devices. For this demonstration, we built an IoT device using widespread online tutorials and also tested high rated, but inexpensive commercial IoT devices. We exploited vulnerabilities in these types of devices from inside and outside of the network. We also explored the importance of security best practices and how this can prevent the exploitation of these vulnerable devices. We have shown how failure to implement proper security measures can, has, and will continue to result in a range of possible attacks or breaches. If security is not more seriously considered when developing these devices any network with these devices will be vulnerable.