As the concept of a connected world is becoming more and more popular, different types of smart home appliances have become first choice for millions of families. And because of this, the cyber attacks on IoT are changing to multiple modes. Outlaws can access all connected appliances by only hacking one router. According to Helpnetsecurity, U.S. (28%) and China (7%) are the two countries that experience the most cyber attacks. In 2015, the X-code Ghost incident had deeply influenced China’s iOS development environment. It still reigns as the most famous cyber security accident regarding the Internet and IoT in China.
Lots of Chinese developers used an unofficial iOS development kit that had been modified by malware, later dubbed X-code Ghost. The malware injected third party code into apps compiled with it. Since this attack happen on the developer side at compile time, even jail broken devices were affected. The X-code Ghost incident influenced lots of popular apps that have billions of users, such as WeChat, Didi, and so on. Both of these popular apps affect every facet of Chinese user’s normal life because of IoT.
IoT security attacks caused because of the Internet will not only impact normal people’s life, but also produce more serious problems to large-scale enterprises. Based on the report titled Toward New Possibilities in Threat Management from Price Waterhouse Coopers in 2017, the number of cyber attacks in the East Asia region has rapidly increased by 969%, and security incidents of industrial IoT have increased over 22x. Due to most enterprises using semi-automatic production models, and the popularity of smart connected systems, countless IoT devices have been utilized into the production process. But, many parts of these devices are still keeping the factory passwords, which are weak pins like “user” and “admin”.
They Get You Coming in and Going Out
For general users like us, right now, there are two kinds of cyber attacks: inbound and outbound. Inbound cyber attacks target our smart devices like phones, tablets, or cameras directly. DNS Amplification Attacks are common outbound attacks, with over 80% of family level cyber attacks resulting from router issues. To this point, Helpnetsecurity suggested three tips to actively avoid attacks. First, we need to periodically change the passcode of our smart devices and family Internet. Second, do not connect to unknown Wi-Fi and Bluetooth devices. Last but not least, upgrade device software in a timely fashion.
Nowadays, both iOS and Android will send out an upgraded version regularly, even every app on our phone will release upgrades frequently. Some users think these upgrades are annoying and choose to shut down this function, but most of the upgrades are related to security issues. As normal users, timely upgrading of our devices and apps is our best way to increase our cyber safety.
Author: Fei Zhao