Internet of Things (IoT) Security

Internet of Things Security

As we populate our smart homes and start building the dream of a connected home, remember that every new Internet of Things (IoT) device needs to be connected to your home network. More often than not, these devices also need to have outside facing functionality, making them easy to find for hackers. One of the ways that a device can end up network tapping your home is through the Address Resolution Protocol (ARP).


ARP Spoofing or ARP Poisoning has been used by hackers for decades to attack private networks. It is a form of network tapping that allows a malicious user to gain access to your local area network by imitating the router. This is a common vector for man in the middle (MITM) attacks. Every time you allow a new IoT device to enter your private network, or put your own hardware on somebody else’s private network, you are susceptible to this attack. The only way to be protected on any network (including your own) is with encryption - the primary tool of a Virtual Private Network (VPN).


Network Tapping Software and Network Tapping Hardware

Network tapping hardware is everywhere. By definition, any IoT device is capable of compromising and snooping on your network if maliciously used. Any device that has a wireless chip can be used to find the location of wireless networks for future attack. Fittingly, there are even mods that exist that let you use your Nintendo DS or Sony PSP to discover and map nearby wireless networks for future attack. As an example of how insecure our world is, you can see a map of vulnerable wireless networks on this website, Wigle.net. The act of searching for wireless networks while you drive around is called “Wardriving.” Wardriving devices can discover and remember the location of open wireless networks and nowadays can even illegally brute force access to the network password.


Network tapping software is often used in conjunction with existing hardware or even specially designed network tapping hardware. Since its invention as “wardialing” decades ago, wardriving has become easier than ever as technology has advanced. If you want a scare, look at this guide for a recently released wifi sniffing device that can be used to identify those vulnerable to a network tapping attack.


Can you trust your Google Nest? A Note on Used IoT Devices Safety

Security is a fickle thing and it is true that most users will decide that trusting the companies they buy IoT devices from will be all the security they’ll need - they are wrong. At the very least, you shouldn’t buy used IoT devices. One security firm, TrapX Security, has proven that a physically tampered with Google Nest Thermostat can be used to access your home network’s other devices. You should always be wary of new devices to your network.


How Do I Secure My Network From Network Tapping

The only way to be protected from unwanted snooping on any network (including your own) is with encryption - the primary tool of a VPN. By using a VPN from your personal use device (or setting your router up with a VPN) you can make sure that all communications to and from your devices are being encrypted and aren’t being tapped.


While other security protocols such as SSL/TSL that do use encryption do exist that protect the traffic to and from devices on a network, Symantec has found that some IoT devices don’t even ship with that basic functionality. Even with SSL properly configured and HTTPS everywhere, a Man-In-The-Middle (MITM) could try a downgrade attack to force the browser to use a weak cipher and thereby break the encrypted messages. Symantec’s survey of 50 different IoT devices shows that many of these things are vulnerable on your private home network. These devices are in homes in every corner of the world - how are you protecting yourself from this latest attack vector?


Visit the Buy VPN page to get started.


您的私人信息已暴露
无风险。30 天退款承诺

1 月 

1 年 

* 所有金额以USD显示。任何折扣反映的是在当前每月服务价格(每月 $9.95)基础上的减价
³ 您将在注册时被一次性收费,免费的额外时间是一次性的促销优惠。

"Private Internet Access 的产品比竞争对手性能更强大、功能更丰富"   -   PCMag logo

批量购买? 立即获取

VPN 功能

安全 VPN 帐户
加密 WiFi
支持 P2P
WireGuard® 和 OpenVPN
10 部设备同时
屏蔽广告、跟踪器和恶意软件
多个 VPN 网关
不限带宽
包含 SOCKS5 代理
无流量日志
即时设置
简便易用