Story image

Internet of Things or Internet of Trouble?

03 Nov 2016

The recent cyber-attack in the United States via the Internet of Things has re-focused attention on the potential threat for New Zealand. 

The source of the angst was default usernames and passwords, and a piece of malware called Mirai that scans the internet for devices still with factory default or static usernames and passwords.  

Mirai took control of those devices, turning them into bots in a united force to overload networks and servers with multiple requests resulting in slow speeds or even shutdowns.

The impact was significant with the distributed denial of service (DDoS) attack against Dyn, a managed DNS provider, crippling sites including Twitter, Netflix, Spotify, Reddit and many others.

According to local cloud IT services company, Dynamo6, the event has highlighted the potential for the same to happen in New Zealand.

“While there are no NZ statistics on how many people don’t change default passwords and usernames, the figures are likely to be similar to overseas, which opens us up to attack. If this happens, there’s potential for damage to our reputation as an easy and open place for business,” says Igor Matich, managing director, Dynamo6.

“But the problem doesn’t only lie with consumers but also with manufacturers and vendors of IoT devices.  Better practices need to be adopted to make sure devices are cloud managed and use cloud identities for configuration,” he says.   

An example is the Google OnHub router that uses a Google account to manage the device along with a dedicated mobile app.  In this way a trusted account is used and also linked to other key identities rather than some other user account setup and stored on the device itself.

“Anyone can produce an IoT device and this is worrying when there aren’t proper standards and practices,” Matich says. 

To the unsuspecting consumer these IoT devices may seem like a great idea for a smart home or office but without the necessary infrastructure they can leave the door open to major security issues, similar to what happened across the US,” he explains.

Matich says IoT devices should never remain on the Internet without ongoing security updates and management. This should happen as a matter of course however, with the eagerness of companies to capitalise on the IoT trend the importance of this can be forgotten.

“The best piece of advice is to only buy from a trusted vendor and always change the default username and password, and update them regularly.  There are many corners being cut in the rush but this risks a major security breach that would harm New Zealand’s international reputation,” he explains.

Online attackers abusing Kiwis' generosity in wake of Chch tragedy
It doesn’t take some people long to abuse people’s kindness and generosity in a time of mourning.
Apple launches revamped iPad Air & iPad mini
Apple loves tinkering with its existing product lines and coming up with new ways to make things more powerful – and both the iPad Air and iPad mini seem to be no exception.
IntegrationWorks continues expansion with new Brisbane office
The company’s new office space at the Riverside Centre overlooks the Brisbane River and Storey Bridge.
Emerging tech helps savvy SMB’s succeed
A CompTIA report shows SMBs are taking on the challenge of emerging technologies to reach their business goals.
Tech community rocked by deaths of Atta Elayyan and Syed Jahandad Ali
Both men were among the 50 killed in the shooting in Christchurch last Friday when a gunman opened fire at two mosques.
NZ ISPs block internet footage of Christchurch shootings
2degrees, Spark, Vodafone and Vocus are now blocking any website that shows footage of the mosque shootings.
On the road again: How to tackle mileage reporting for business
There may not be too much of a budget for company vehicles in an SMB’s day-to-day business, which means many people are increasingly using their own vehicles for work purposes.
Digital experience managers, get excited for Adobe Summit 2019
“Digital transformation may be a buzzword, but companies are trying to adapt and compete in this changing environment.”