Internet of Things (IoT) Security

Internet of Things Security

As we populate our smart homes and start building the dream of a connected home, remember that every new Internet of Things (IoT) device needs to be connected to your home network. More often than not, these devices also need to have outside facing functionality, making them easy to find for hackers. One of the ways that a device can end up network tapping your home is through the Address Resolution Protocol (ARP).


ARP Spoofing or ARP Poisoning has been used by hackers for decades to attack private networks. It is a form of network tapping that allows a malicious user to gain access to your local area network by imitating the router. This is a common vector for man in the middle (MITM) attacks. Every time you allow a new IoT device to enter your private network, or put your own hardware on somebody else’s private network, you are susceptible to this attack. The only way to be protected on any network (including your own) is with encryption - the primary tool of a Virtual Private Network (VPN).


Network Tapping Software and Network Tapping Hardware

Network tapping hardware is everywhere. By definition, any IoT device is capable of compromising and snooping on your network if maliciously used. Any device that has a wireless chip can be used to find the location of wireless networks for future attack. Fittingly, there are even mods that exist that let you use your Nintendo DS or Sony PSP to discover and map nearby wireless networks for future attack. As an example of how insecure our world is, you can see a map of vulnerable wireless networks on this website, Wigle.net. The act of searching for wireless networks while you drive around is called “Wardriving.” Wardriving devices can discover and remember the location of open wireless networks and nowadays can even illegally brute force access to the network password.


Network tapping software is often used in conjunction with existing hardware or even specially designed network tapping hardware. Since its invention as “wardialing” decades ago, wardriving has become easier than ever as technology has advanced. If you want a scare, look at this guide for a recently released wifi sniffing device that can be used to identify those vulnerable to a network tapping attack.


Can you trust your Google Nest? A Note on Used IoT Devices Safety

Security is a fickle thing and it is true that most users will decide that trusting the companies they buy IoT devices from will be all the security they’ll need - they are wrong. At the very least, you shouldn’t buy used IoT devices. One security firm, TrapX Security, has proven that a physically tampered with Google Nest Thermostat can be used to access your home network’s other devices. You should always be wary of new devices to your network.


How Do I Secure My Network From Network Tapping

The only way to be protected from unwanted snooping on any network (including your own) is with encryption - the primary tool of a VPN. By using a VPN from your personal use device (or setting your router up with a VPN) you can make sure that all communications to and from your devices are being encrypted and aren’t being tapped.


While other security protocols such as SSL/TSL that do use encryption do exist that protect the traffic to and from devices on a network, Symantec has found that some IoT devices don’t even ship with that basic functionality. Even with SSL properly configured and HTTPS everywhere, a Man-In-The-Middle (MITM) could try a downgrade attack to force the browser to use a weak cipher and thereby break the encrypted messages. Symantec’s survey of 50 different IoT devices shows that many of these things are vulnerable on your private home network. These devices are in homes in every corner of the world - how are you protecting yourself from this latest attack vector?


Visit the Buy VPN page to get started.


Map
Your private information is exposed

Our readers made it abundantly clear that Private Internet Access should be your first stop for protecting your private browsing data. - Lifehacker Media

7 day money back guarantee

Monthly

Yearly

6 Months

* any discounts reflect a reduction based on the current monthly service pricing at $6.95 per month

VPN Features

Secure VPN Account
Encrypted WiFi
P2P Support
PPTP, OpenVPN and L2TP/IPSec
5 devices simultaneously
Block ads, trackers, and malware
Multiple VPN Gateways
Unlimited Bandwidth
SOCKS5 Proxy Included
No traffic logs
Instant Setup
Easy to use
world

3251+ Servers in 25 Countries

United States VPNUnited Kingdom VPNCanada VPNAustralia VPNNew Zealand VPNNetherlands VPNSweden VPNNorway VPNDenmark VPNFinland VPNSwitzerland VPNFrance VPNGermany VPNIreland VPNItaly VPNRomania VPNTurkey VPNSouth Korea VPNHong Kong VPNSingapore VPNJapan VPNIsrael VPNMexico VPNBrazil VPNIndia VPN ...and growing