After a wave of recent lawsuits accusing Amazon for lax security on their Ring security products, Amazon is changing its privacy settings to make sure Ring cameras are secure out of the box.
Starting in February, new customers who purchase the popular security camera-doorbell system will find the default setting now requires two-factor authentication. While the setting can be switched off, new users won’t be able to set up the device without manually changing that setting.
How Hackers Break Into Consumer IoT
“Hackers use millions of previously-compromised email addresses and passwords to break into internet-connected cameras remotely,” said CI Security CTO Mike Simon in his comments this week with KOMO News, a local ABC affiliate station. According to Mike, someone who can hack into consumer IoT might also be able to gain access to the operating system that connects those devices.
"They have control of a thing in your home, they can do a lot with it. It's as if they brought a laptop into your home and plugged it into your network," Simon said.
Click on the image below to watch the news clip and read the story on KOMO News.
What Consumers Can Do about Home IoT Now
When people connect devices, they often log in without changing the factory settings created by the original manufacturer. Hackers can easily break into those systems and devices. If other credentials are needed, they simply tap into a rich dataset of stolen credentials and open source intel to hack into their target.
To counter this risk, people should take these four actions to secure their home IoT devices:
- Set up a designated WiFi router for each connected device.
- Create a different password for each account.
- Make longer, stronger passwords for every account.
- Always use 2-factor authentication.
After taking these protective measures, consumers can greatly minimize their risks of cyber intruders gaining entry to their homes through connected IoT.
The Market’s Influence on IoT Cybersecurity
Both consumers and security experts have been shocked to watch the real-life videos and hear stories of hackers breaking into homes using consumer #IoT, like Ring Doorbell Cameras. And Ring hasn’t been the only home #IoT device to make recent news. Stories of strangers spying on and harassing people in their homes, including children, by hacking into home IoT have been around for a few years now.
These stories shed light on the simple things manufacturers can do to prevent these digital home invasions, like making two-factor authentication the default security setting. While it’s true that consumers can drive cybersecurity as a competitive differentiator in the market – most manufacturers have to experience some public security event to take action. Amazon is finally stepping up to address the issues with Ring, but only after getting sued by customers and covered negatively in the press.