There is a major trend to connect everyday items to the internet — everything from remote access cameras, security systems, baby monitors, lights and refrigerators to personal tracking tools and other monitoring systems, but a recent distributed denial of service attack illustrated just how vulnerable all of these devices are to hacking.
Unknown hackers used millions of internet of things devices found in homes and offices to facilitate a massive cyber attack that disrupted access to sites such as Twitter, Amazon, Netflix, PayPal, The New York Times, CNN and other businesses that were customers of Domain Name Server provider Dyn Inc. The attacks came in three waves and affected users as far away as Europe and Australia, and disrupted business for multiple online retailers.
While many people are aware of the importance of password protecting their cellphones and commercial internet access, many personal networks and the smart devices that use them are extremely vulnerable to cyber attacks.
"There is huge promise with all of this technology," explains Christie Alderman, vice president of client product service for Chubb Insurance. "There all kinds of great things that IoT devices are doing to help homeowners such as letting you see who's at the door, sensing when you've left your garage door open, sending you notices when water leaks occur, a fire breaks out or the humidity is too high."
Many insurers recognize the value of these monitoring devices because they alert homeowners to problems and provide valuable data on the homes that assist in establishing a home's risk profile. Research firm Gartner, based in Stamford, Conn., estimates that more 6.4 billion connected "things" will be in use around the globe this year, but there is more to consider than just taking them out of the box and connecting them to the internet.
"Customers have to keep security in mind," cautions Alderman. "Is the device encrypted? Are strong network protections in place? Every device has its own IP address and some vulnerabilities."
The same internet of things devices that provide critical information also create serious vulnerabilities that must be mitigated. (Photo: iStock)
|Internet of things safety
Because of the increased frequency of denial of service breaches, it is vital for individuals to take steps to protect themselves and their devices. Alderman says that while it may be convenient to know what's in your refrigerator so you can stop by the grocery store on the way home, it's important to know who else might have access to the information.
"Use passwords with numbers and symbols," advises Alderman. "Consider changing device passwords at least annually. Understand the fine print. Know who the information is going to and what is being shared with third parties."
In addition to devices malfunctioning or being used for a distributed denial of service attack, and information being stolen, those with cameras or sound monitors could be used for ambient listening, which allows a hacker to hear or see what is going on in the house.
Before a device is hacked, ensure it has a password that isn't the factory preset or is hard to guess. Download any device updates because they often fix vulnerabilities that have been detected. Also consider whether or not a device even needs to be connected to the internet. Just because it can be connected doesn't mean that it should be.
If a hack occurs in the home, immediately change any passwords for the device and possibly the password for the home network. Alderman recommends notifying your insurer since there could potentially be coverage under a liability policy if personal information was compromised. There may also be coverage for credit monitoring and assistance in cleaning up credit records after the breach.
"Agents and brokers really need to talk to their customers about home and liability coverage, as well as cyber risks and other vulnerabilities," she added.
The use of internet of things devices is projected to grow exponentially by 2020, creating even more opportunities for cyber terrorists to exploit their vulnerabilities and disrupt businesses around the globe. Smart users will take steps to protect their devices and information well before an attack.
Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader
Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
- Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Patricia L. Harman
Patricia L. Harman is the editor-in-chief of Claims magazine, a contributing editor to PropertyCasualty360.com, and chairs the annual America's Claims Event (ACE), which focuses on providing claims professionals with cutting-edge education and networking opportunities. She covers auto, property & casualty, workers' compensation, fraud, risk and cybersecurity, and is a frequent speaker at insurance industry events. Contact her at [email protected]
