IOT Separation

Pippin166 Member Posts: 3

Am I worrying unnecessarily? All the security advice says to put the IOT on a separate network or subnet. However, if you do this then the functionality of many of them, like Chromecast and Hive, stops working without jumping through hoops to log on to the other network, which surely defeats the object of isolating them.

My network is secured with all the usual advice to prevent it from reacting to pings and such from the internet. If I can’t be seen from the outside world, how will a hacker get in to compromise them?

Best Answers

  • Marc Moderator, Beta Tester Posts: 2,126
    Accepted Answer

    Your location doesn’t really matter. And it’s generally not the neighbor hacking you, though that’s always a possibility. It’s usually some malware or other back door that allows bad actors to get in and exploit you remotely.

    If you're careful, use antivirus etc., keep your items up to date patch-wise, and practice safe computing. Don’t click on strange links; if it’s too good to be true, it probably is. Always be distrustful of what you get in email unsolicited.

    I know I sound preachy, but these are common sense when you're on the net.

    So bottom line, if you're careful you should be fine.

    That's Daphnee, she's a good dog...
  • Pippin166 Member Posts: 3
    Accepted Answer
    Hi, I don't have PnP enabled, there are no open ports for the IOT devices, and all of them are from reputable sources, Amazon, Google and British Gas for instance, so this brings me back to my original point: am I worrying unnecessarily? I don't think as the attack vector is very small, and the convenience of the IOT devices overrules this. If I should get some third world light bulbs then I might start worrying again.
    Thanks for the reply 

    Marc

Answers

  • Marc Moderator, Beta Tester Posts: 2,126
    I have a feeling the responses you're going to get will be all over the place. Personally, I keep my IoT devices on the main network for the reasons you state. I try to take reasonable precautions with my network and the devices I have control over, which is the best I can do. The reason people say to isolate is if they get hacked, the worst case is they will only be able to attack other IoT devices. You have to weigh the risks with convenience or inconvenience with what separation may cause.
  • Pippin166 Member Posts: 3

    I agree, but the thought "if they get hacked" is my point: how likely is that with a protected network in a rural setting where it is unlikely to have "bad actors" sitting around trying to break into my network?

  • Marc Moderator, Beta Tester Posts: 2,126

    One last thing. Backup!!! Make sure you have your data in multiple places. If you're hacked, locked out of your system or otherwise completely compromised, you can always start over again computer and software wise, but generally your data is irreplaceable.

    And make sure you check regularly to make sure whatever backup system you're using is working.

    You don’t want to discover that your backup is not working on the day you need your data.

  • Thorathome Member, Beta Tester Posts: 10
    edited February 23
    If your IoT devices are talking only to Amazon (Alexa devices) or Google (Home/Nest), then the chance of you being hacked by them or through them is pretty low. Google’s and Amazon’s security is better than yours, or mine, or nearly anyone else’s. However, if your devices are talking to servers outside of your home network and you’re not exactly sure whose servers they are, then there’s some risk of eventual intrusion into the rest of your network. If you have opened ports so your devices can communicate, or you enable PnP, then your risk runs a little higher again.

    What is the risk? With known IoT communications to known servers, not much. Primary risk is that someone running or hacking into your external IoT app servers tries to insert something in your network, most likely to clobber someone else with a DoS or Denial of Service attack. There’s even a tiny risk that someone wants to clobber you. 

    So if you stick to big IoT brands who have lots to lose, you’re probably ok. Always use security/anti-virus software on your devices, phones and laptops, yes, Macs, too. Switch off PnP if you can. See if you can avoid opening ports because some device told you to. And use Fing and your Fingbox to check for strange happenings on your network. I have a bunch of IoT devices using Google, Amazon and Blynk software. They’re all on my main network and nobody has died yet from it. But I keep an eye out. 