Internet of Things (IoT) Security

Internet of Things Security

As we populate our smart homes and start building the dream of a connected home, remember that every new Internet of Things (IoT) device needs to be connected to your home network. More often than not, these devices also need to have outside facing functionality, making them easy to find for hackers. One of the ways that a device can end up network tapping your home is through the Address Resolution Protocol (ARP).


ARP Spoofing or ARP Poisoning has been used by hackers for decades to attack private networks. It is a form of network tapping that allows a malicious user to gain access to your local area network by imitating the router. This is a common vector for man in the middle (MITM) attacks. Every time you allow a new IoT device to enter your private network, or put your own hardware on somebody else’s private network, you are susceptible to this attack. The only way to be protected on any network (including your own) is with encryption - the primary tool of a Virtual Private Network (VPN).


Network Tapping Software and Network Tapping Hardware

Network tapping hardware is everywhere. By definition, any IoT device is capable of compromising and snooping on your network if maliciously used. Any device that has a wireless chip can be used to find the location of wireless networks for future attack. Fittingly, there are even mods that exist that let you use your Nintendo DS or Sony PSP to discover and map nearby wireless networks for future attack. As an example of how insecure our world is, you can see a map of vulnerable wireless networks on this website, Wigle.net. The act of searching for wireless networks while you drive around is called “Wardriving.” Wardriving devices can discover and remember the location of open wireless networks and nowadays can even illegally brute force access to the network password.


Network tapping software is often used in conjunction with existing hardware or even specially designed network tapping hardware. Since its invention as “wardialing” decades ago, wardriving has become easier than ever as technology has advanced. If you want a scare, look at this guide for a recently released wifi sniffing device that can be used to identify those vulnerable to a network tapping attack.


Can you trust your Google Nest? A Note on Used IoT Devices Safety

Security is a fickle thing and it is true that most users will decide that trusting the companies they buy IoT devices from will be all the security they’ll need - they are wrong. At the very least, you shouldn’t buy used IoT devices. One security firm, TrapX Security, has proven that a physically tampered with Google Nest Thermostat can be used to access your home network’s other devices. You should always be wary of new devices to your network.


How Do I Secure My Network From Network Tapping

The only way to be protected from unwanted snooping on any network (including your own) is with encryption - the primary tool of a VPN. By using a VPN from your personal use device (or setting your router up with a VPN) you can make sure that all communications to and from your devices are being encrypted and aren’t being tapped.


While other security protocols such as SSL/TSL that do use encryption do exist that protect the traffic to and from devices on a network, Symantec has found that some IoT devices don’t even ship with that basic functionality. Even with SSL properly configured and HTTPS everywhere, a Man-In-The-Middle (MITM) could try a downgrade attack to force the browser to use a weak cipher and thereby break the encrypted messages. Symantec’s survey of 50 different IoT devices shows that many of these things are vulnerable on your private home network. These devices are in homes in every corner of the world - how are you protecting yourself from this latest attack vector?


Visit the Buy VPN page to get started.


귀하의 개인 정보가 노출되고 있습니다
리스크 없음. 30일 이내 환불 보장

1개월 

1년 

* 모든 금액은 USD로 표시되며, 모든 할인은 매월 $9.95의 현재 월간 서비스 요금을 바탕으로 인하 금액이 반영됩니다.
³ 회원 가입 시 한 번 청구되며, 무료 추가 시간은 일회성 프로모션입니다.

"Private Internet Access는 성능 및 기능면에서 경쟁사보다 뛰어납니다"   -   PCMag logo

대량 구매입니까? 지금 이용하기

VPN 기능

보안 VPN 계정
암호화된 WiFi
P2P 지원
WireGuard® 및 OpenVPN
동시에 10개 장치
광고, 트래커 및 맬웨어 차단
다중 VPN 게이트웨이
무제한 대역폭
SOCKS5 프록시 포함
트래픽 로그 없음
빠른 설정
사용하기 쉬움