The Internet of Hackable Things
CISSP Content Helps Protect Your Home Network
More Convenience, Less Security
Your fitness watch can track your heart rate and then pass that information in real time back to your smart phone. Your doorbell can alert you to who is on your doorstep and allow you to remotely unlock your door. And your Wi-Fi-enabled scale can produce reports about your body fat percentage (which is probably growing since you don’t have to get up to answer your door anymore).
These “smart” devices are making life more convenient. But, because they are connected to the Internet, they represent a vulnerable attack surface that can be exploited by hackers. And this threat is growing in severity. Researchers recently discovered that hackers now have the ability to swipe data as they infect devices. Consumer IoT devices are especially vulnerable to attack because they were designed with convenience in mind, not security. But just because manufacturers didn’t prioritize security, doesn’t mean that you, as a consumer, can’t take steps to protect the devices and network that are part of your home.
CISSP content offers solutions and best practices to help secure your home, especially when it comes to network security, which is the link between hackers and your devices.
Domain 4, Secure Network Communications: Protecting Your Wireless Network
Every wireless network has a unique service set identifier (SSID), which is a naming system used to differentiate between one network and another. Even if you don’t know what an SSID is, you’ve probably seen them when you open your Wi-Fi settings and search for networks: “Starbucks Wi-Fi,” “Free Wi-Fi,” “Get Off my LAN.” When the SSID is publically broadcast, anyone (including hackers) can see it. Disabling your SSID is a good way to keep your network private. However, SSID hiding is not a foolproof method; hackers can discover hidden networks with a simple packet sniffing tool. But lowering your profile will make your network a harder target than your neighbor’s.
Another easy network protection method is changing the default usernames and password that come with network devices. Default usernames and passwords are dangerous because hackers can easily find and purchase them on Internet forums or markets. When you have updated the default password, consider using a passphrase (AND, PLEASE, DO NOT WRITE IT DOWN AND TAPE IT TO THE TOP OF YOUR ROUTER).
If you are technically inclined, consider network segmentation. This is when you split network traffic among your devices, effectively isolating certain traffic. This helps prevent hacking across devices. For example, you can use a VLAN switch to isolate your IoT device traffic from your home network that you use for work and other sensitive transactions. In other words, if your smart refrigerator is hacked, it won’t compromise your financial transactions.
Consumers Can Meet Hackers on the Front Line
As you accumulate more and more IoT devices, the amount of risk you introduce into your home increases. Becoming a Luddite and banishing technology from your home is not a realistic solution, as tempting as it may be. But what you can do is make hacking harder for hackers. A great place to start, as Domain 4 recognizes, is with your wireless network.
Learn the Material by Learning Its Real World Implication
Tying CISSP concepts to real-world, prevalent security issues is a feature of CyberVista’s CISSP Live Online course. This linking makes the content relevant, useful, and easier to remember. Learn more about CyberVista’s prep course here.