The Federal Bureau of Investigation has issued an alert on the criminal opportunities posed by the Internet of things.  With IoT devices becoming more common, the FBI said it was “warning companies and the general public to be aware of IoT vulnerabilities cybercriminals could exploit” and offering tips on mitigating those threats.

The risks posed by the IoT include “[d]eficient security capabilities and difficulties for patching vulnerabilities in these devices, as well as a lack of consumer security awareness,” which provide “cyber actors with opportunities to exploit these devices,” the FBI said.  “Criminals can use these opportunities to remotely facilitate attacks on other systems, send malicious and spam e-mails, steal personal information, or interfere with physical safety.”

The FBI offered several consumer protection and defense recommendations.  They include isolating IoT devices on their own protected networks, disabling Universal Plug and Play protocol (UPnP) on routers, considering whether IoT devices are “ideal for their intended purpose,” purchasing IoT devices from manufacturers “with a track record of providing secure devices,” updating devices with security patches, changing default passwords to strong passwords, and using “current best practices” when connecting devices to IoT networks. – Brian Hammond, brian.hammond@wolterskluwer.com

Courtesy TR Daily