Be careful of fitness devices!Don't forget that the IoT device also has vulnerabilities
With the epidemic of COVID-19, many people have benefited from IoT devices and seamlessly moved fitness habits from the gym to the living room. IoT (Internet of Things) means connecting devices that incorporated sensors and software to each other and collecting and sharing information via the Internet. Typical IoT devices used in virtual fitness include wearable terminals such as fitness machines with digital interfaces and fitness trackers. Many people are aware of the risks of online security while promoting workout habits with such devices. McAfee Labs Threats Report reports that new IoT malware has increased by 7 % since the start of COVID-19 pandemic. Users should respond to keep their devices safer without reducing their performance. First, you need to understand why devices are likely to be cyber attacks.
Why IoT devices are vulnerable
Like laptops and mobile phones, IoT devices are connected to the Internet.The IoT device has a built -in system with a firmware, software and operating systems, so it is exposed to malware and cyber attacks as well as other devices.
One of the reasons why IoT devices are vulnerable are the update structure or update.IoT devices do not have strict security updates such as laptops or mobile phones.As a result, updates are not performed frequently, and in some cases, updates may not be performed.
When a new model is released, older devices will lower the priority for developers and will not be updated as the latest devices.Even worse, if the developer goes bankrupt, there is no way to update existing vulnerabilities.
Thus, if the update is not performed, cyber criminals can enter the device and use the hardware component.This is a great risk for users.For example, the GPS of the device can identify the current location or eavesdrop on private conversations using video cameras and audio technology.
In addition, IoT devices with vulnerabilities without patches are convenient for hackers to enter the home network and reach other devices. If the device has not encrypted the data to be transmitted between other devices or servers, the hacker can interfere with this and disguise communication. The spoofing is to sending fake information as a legitimate source (in this case, a back -end server or IoT device). For example, hackers can disguise communication between wearable terminals such as fitness trackers and servers, operate tracking data, and display excessive physical activity levels. And it is possible to earn financial benefits by providing this data to a third -party website that provides insurance companies and financial incentive programs.
In addition, hackers use the vulnerabilities of the device to spread malware to other devices on the same network, and have been connected to botnet (programmed to execute automated tasks.You can also build a network).And you can use this botnet to set up a DDOS attack (Distributed Denial of Service) or an intermediate attack.
Four hints to protect IoT devices
Regardless of whether you monitor your health and physical performance with IoT devices, it is essential to take precautionary measures to minimize the risk of digital security.Here are four measures to safely incorporate devices into fitness habits.
1.Router safety measures
The default names and passwords are a good target for hackers.Take first measures when securing the router security.The default router name may include the manufacturer or model name.Changing this name will not be able to identify the model of the router, reducing the opportunity for hackers to enter home networks.And the effective way is to make the router password long, complicated and difficult to guess.
Next, enable the highest level of encryption of Wi-Fi Protected Access 2 (WPA2) or higher.A router that adopts an old encryption protocol such as WPA or WEP (Wired Equivalent Privacy) is more susceptible to a Blue Force attack, in which hackers try and error to estimate user names and passwords.In the WPA2 or higher encryption method, only the permitted user will be able to use the same network.
Finally, create a guest network and separate the IoT device from important devices such as laptops and mobile phones.Even if the hacker enters the IoT device, the damage is limited to a specific network device.
2.Regular update
Updates are important not only for normal bugs and changing algorithms, but also for adjusting device software vulnerabilities.
In particular, device makers are often not informed of the update in an easy -to -understand manner, so be sure to keep up with the update information of the device maker.Please access the manufacturer's website regularly so that you do not miss the affected news and information.Also, don't forget to update the apps that support the IoT device.If you make regular updates in the settings automatically, you do not need to manually update.
3.research
Get research before investing a lot on IoT devices.Make sure these devices are reliable vendors.The vendor may be a matter of determination, whether it has been leaked data in the past or a performance of Grade A, which offers high security products.
Also note that the information collected by the IoT device and how the vendor uses the information and what is disclosed to other users or third parties.Do you protect user data by a privacy policy according to the Pipeda rules?
Above all, understand what kind of control can be done regarding privacy and information.This is a good sign if you can set your information from collecting your information with the IoT device, or if you can access and delete the collected data.
4.Disable unnecessary functions
The next time, when running geolocation with a smartwatch and running, consider the risks of virtual security and even physical safety.Enabling only the functions required to optimize fitness performance can enhance security and prevent hackers from making privacy infringing on privacy.
Strengthening security measures
IoT devices have made it possible to exercise at home because of its ease of obtaining and ease of use.However, IoT devices are one of the many threats that threaten personal privacy and online safety, despite the ability to optimize fitness experiences.In order to enhance the fitness effect by performing great workouts, start security measures to safely incorporate IoT devices in your daily exercise habits.
Maintain the latest status
Collecting information from daily news is important.To obtain the latest information on information on maintaining digital safety, the latest information on macafee products, and the latest information on the latest consumers and mobile security threats, @mcafee_home (US) or @mcafee_jp_sec (Japan) on Twitter (Japan)) Please follow me and ask Podcast Hackable.
* The contents of this page are the contents of the following Mcafee blog updated on May 14, 2021 (US time).Original: How to Safely Incorporate IoT Into You Fitness Author: Jean Treadwell
■ Related site
