The hidden dangers of Christmas gifts: how to prevent technological devices from becoming a threat

Internet-connected devices solve users’ lives. Security cameras, vacuum cleaners, appliances and other devices that can be charged over the network allow remote management of functionality. However, the entire universe IoT (Internet of Things) may represent a security problem.

Technology analyst firm IDC predicts there will be 41.6 billion connected IoT devices by 2025. During the Christmas period, the use of these IoT devices increases, both to decorate homes and for gifts from the Three Kings: Christmas lights that light up from our smartphones, smart trees, connected sockets, present as watches that detect heartbeats and health status, home automation locks, among many others.

IoT devices are objects that connect to the Internet and can communicate with each other or with other systems. These objects can have sensors that collect data from their environment or actuators that perform remote actions. Other examples of IoT devices include smart thermostats, smart watches, self-driving cars, and even smart cities.

“Check Point, a leading global cybersecurity provider, recognizes the great benefits that IoT offers: convenient interconnectivity, accessibility for everyone from anywhere, and profound technological innovation. However, IoT devices can also pose a risk to the user: personal information is stored inside them and the devices interconnect with others over the network, Therefore, user privacy is more vulnerable than ever,” the company explains.

But in order to safely enjoy these devices it is essential that users are sure that all technological gifts this Christmas are used well.

How to be careful with IoT devices

• Use strong passwords: It is increasingly common for Santa Claus to carry smart devices in his gift bag, and all of them come with pre-determined passwords that are easily vulnerable to cybercriminals. To improve your level of security, we recommend that you change the factory-provided username and password and replace them with more complex ones. We recommend using multi-factor authentication (MFA) to improve security. You should avoid reusing passwords across different devices.

• Firewall installation and device update: The gifts received will remain in our home and the more devices are connected to the network, the more vulnerabilities attackers will be able to find to access a user’s home. To prevent this from happening, it will be essential that these IoT devices have firewalls that protect them and block all the information they store. On the other hand, the software of these devices must be updated periodically to prevent Cybercriminals exploit known vulnerabilities.

• Use VPN connection whenever possible: Another essential measure to keep these IoT devices safe is to always use a secure connection. VPN (or Virtual Private Network) is a more secure technology that provides online privacy and security to the user, since the data transmitted between the device and the server is encrypted.

• Enable the notification mechanism in case of suspicious events: The system can detect unusual behavior patterns and alert you when this occurs. This prevents attacks and produces a faster response.

• Remove IoT devices that are not in use: With new IoT devices received over Christmas that are not connected to the network, you need to review what other devices you use on a daily basis and identify any obsolete ones. If there is a device that is not being used, updated or monitored, but is still close to the environment of other devices, it can represent a risk, since it is still interconnected with others. It is recommended to disconnect it from the network to reduce the chances of access by cyber criminals.

“At Check Point Software we have identified the risk that the use of IoT devices can pose for users, as they offer very weak security systems. To maintain an adequate level of security at home, it is essential that consumers know the risks that these IoT devices pose to their daily lives and, above all, acquire the necessary knowledge to protect them and thus avoid any type of incursion as much as possible in your privacy. The greater the number of devices, the higher their level of protection must be if we want to be safe from cyber attacks,” explained Eusebio Nieva, general manager of Check Point Software for Spain and Portugal.

A year full of cyber attacks

According to Microsoft’s annual report, cyber attacks are on the rise in 2023. While each company’s telemetry varies, in general, Everyone agrees on this increase.

“Microsoft telemetry indicates a higher rate of ransomware attacks compared to last year, and human-operated ransomware attacks have tripled since September 2022. Going forward, we expect ransomware operators will look to leverage automation, artificial intelligence, and hyperscale cloud systems to scale and maximize effectiveness of their attacks,” they said. explained.

Ransomware is a very serious problem for companies and public bodies. This year there have been attacks against emblematic institutions such as the University of Buenos Aires, PAMI and the National Securities Commission, as well as companies such as La Segunda.

As far as IoT devices are concerned, Microsoft has also identified growth. “Of the 78% of Internet of Things (IoT) devices with known vulnerabilities in customer networks, 46% cannot be patched. Therefore, a robust OT patch management system is an essential component of your cybersecurity strategy, while network monitoring in OT environments can help detect malicious activity,” they warn in the report.

Device security will continue to be challenged in 2024.