As you’re probably aware, on May 17th Wanna Cryptor (commonly known as WannaCry) became a serious problem world-wide. In the UK alone, 16 hospitals were forced to divert emergency room patients to other facilities because their computer systems were locked down.
This ransomware is a worm – a standalone malware program – that spreads by using Eternal Blue. Recognize that name? It’s one of the NSA-developed exploits that recently leaked.
Eternal Blue is aimed at taking advantage of security flaws in outdated Windows installs. To be more specific, the vast majority of machines infected were in Russia, China and the US, and were running Windows 7.
WannaCry does its damage by encrypting files on the infected machine, locking users out from their own files. The computer owner is then unable to unlock those files without following the on-screen instructions to pay a ransom.
Of course, malware like WannaCry is just one approach hackers take. There are numerous other forms of malicious software. These are the most common:
- Virus – [internal] is a type of malicious software program that replicates itself and infects other computer programs, modifying them
- Worms – [external] a standalone malware computer program that replicates itself in order to spread to other computers
- Trojan horse – a Trojan horse is malware that disguises as legitimate software, and is employed to infiltrate user systems
- Spyware – obtains covert information about a computer owner’s activities and stealthily transmits data from their hard drive
Since malware typically targets operating systems, it’s therefore possible for it to infiltrate phones, tablets, and a host of other devices that connect to networks.
As you can thus imagine, the IoT revolution thus comes with its fair share of security challenges for IT professionals and security experts to tackle.
Home and building automation networks are no exceptions.
Home and Business Automation
WannaCry spread to over 10,000 companies spanning 150 countries. In total, roughly 200,000 computers were affected. So in the grand scheme of things, it’s hardly a drop in the bucket. Even though none of us wants to go through this particular kind of hell, these types of incidents won’t cause large-scale change in the internet landscape.
Thus, smart building automation will continue to be both a promising and thriving industry.
Automated window shades, sound systems, PoE LED lighting systems, refueling stations for hybrid cars, sensors, smoke detectors, door phones & cameras, remotely accessed security and smart energy meters, can all make homes and businesses so much sweeter. They give owners control. They help network owners save money and improve life. It’s really a win-win.
Businesses willing to take the bold step into the the Internet of Things are generally pleased. In fact, owners often can’t find enough superlatives to describe how much smoother their operations run after finalizing their particular integrations.
Vulnerabilities & Solutions
Network security might seem a bit overwhelming to understand and implement, especially for the average smart technology user. We hear you… “this is not what I signed up for!”
The trick is to start thinking about your network (home or business) like you do would a bank or your own house. You want proper locks and safeguards in place. Maybe you want intrusion detection systems installed.
In short, you want serious security measures taken to prevent anyone from even attempting to break-in. Given how careless many users are with their network security, it’s not uncommon to see hackers break in through unsecured ports, weak passwords, or outdated encryption methods.
As you can probably surmise, most networks are vulnerable to attacks due to human error. The end-user is (and always will be) just one click away from opening up a door (connection) for intruders. It’s thus an element of network security that absolutely must be addressed.
Employee use of personal email on office computers. Employees clicking unknown links. Employees falling victim to phishing scams. Unfortunately, that’s all that’s needed for a malware injection to occur.
One solution is to filter the applications and content that are allowed on office computers. This can be frustrating for employees but can also minimize the possibility of someone allowing a data breach or malware injection.
Many companies do something similar by filtering all social media platforms from getting online on their business networks. Some take it to a greater extreme by blocking everything except for a few select apps. That would mean, personal email, social and even search engines could be blocked.
Open source firewalls such as pFSense and Vyos are an easy way to take these steps on your own network. There is of course, a bit of a learning curve. But once everything is setup, maintenance and the update processes are fairly straightforward.
In the coming years, we can expect the role of many IT admins to shift to include more security-related responsibilities. It will be a tough transition for some, but the results will benefit everyone.
Privacy is entirely possible for any home or business network. But in a business setting, the priorities and parameters must be planned ahead of time. Guarding yourself and your business means securing important details.
- Personal privacy
- Financial information
- Health information
- Data privacy
- Trade secrets
- Proprietary information
Managed switches can actually help silo and secure insider access between departments. Limiting access rights is a big step toward sealing off valuable data from misuse or malicious intent.
Knowledge is Power
Your family, your employees, and your customers expect their networks to be safe. Who can blame them? It’s a reasonable expectation.
If you’re in charge of the network, fear not. You can indeed improve security and adherence to best practices.
An automated smart building or home can be well worth the efforts required. Convenience, financial savings, and better quality of life are just some of the benefits you can harvest from jumping on the IoT band wagon.
Just be sure to read up on internet security and keep it in mind when you’re implementing new policies.
If you’d like tips on setting up your automation for home or business, reach out. Our analysts are ready to serve.