Securing your iot devices

2016 has been named the year that the internet of things (iot) takes hold, with a reported 50 million plus devices sold worldwide to date with everything from smart fridges to smart plugs iot is here to stay. It must be noted however with all of this extra connectivity comes a juicy threat surface for cyber criminals to prey on. The main thing consumers need to remember that if you bough a devices that connects to the internet then you can be guaranteed that it needs to be secured. In this post I am going to outline a number of steps you can take to help protect yourself and your family from becoming victims of a cyber attack.

1) Keep your devices up to date

This goes for all devices that connect to the internet but I would especially recommend it for iot devices as new exploits are exposed manufactures may push down patches to solve the vulnerability and therefor you should regularly check to make sure your device is running the latest software.

2) Change the default password on your device

This is a very important step to take as the majority of iot devices are mass produced with a default login and not changing this on day one will leave yourself vulnerable to attack. May I suggest using a password that is at least 10 character long with special characters and capitals and numbers i.e don't use your last name and type 123 after it.

3) Be familiar with your devices privacy section

What kind of information are you saving or sharing through this device and what guarantees are put in place that this information is been protected. Don't assume just because the manufacturer says its a secure device to use that it is and make sure your information isn't been shared with third parties.

4) Be carefully buying a second hand device or selling your own device

Buying a second hand device on line may come pre-installed with malware or a backdoor only buy second hand devices from a reputable dealer. On the flip side think long and hard about selling your device, resetting a device may look like all your data has been cleared but with a little know how a lot of this information may be retrieved. There are a number of programs out there that ensure proper data erasure and this may be something you should look into first.

Protecting Windows 10 (The Basics)

Over the past few months Microsoft have been firing out their new operating system Windows 10 to the world for free. This blog is more aimed at anyone who is just after installing the operating system as chances are if you are a windows user you may have already upgraded or will be doing so in the near future. Like most things that come fresh out of the box to make them work to a level you might expect takes some tweaking. I am going to focus on a few basic steps you should take right away to make your new operating system secure.

1) Run the windows update straight away, I know you may have spend an hour or two installing the dam thing but running windows update will make sure your operating system has the latest patches. To find windows update just click the little search bar at the bottom of your screen and type "windows update" once opened just hit "check for updates" and your done.

2) System restore is turned off by default in Windows 10 so you might want to turn this on. Microsoft have renamed this function as "system protection" so to turn this on head back down to the little search bar and type "This PC" when the logo appears right click on it and select "Properties" click on "system protection" then click "Configure" and turn system protection on.

3) Check your Windows 10 privacy setting by default everything and I mean everything in here is turned on. To get here you go to START > Settings> Privacy spend a bit of time looking over this and make sure you are happy with it.

4) Make sure that all of your applications are updated in an earlier post I mentioned that Secunia PSI was a good application to check this.

5) Make sure you have your anti-virus turned on if you don't have an anti-virus Windows has a build in AV called Windows Defender. You can find Defender by going to the search bar and typing "Windows Defender".

Securing your browser and online accounts

   Browsers:

One of the things that people normally give very little thought to is what browsers they use to surf the internet. Personally the two browsers that I use with the most frequency are:

-Chrome and Firefox

And the search engine that most people use on both of these browsers would be google. By using these popular services however you may also be giving up more personal information than you might be comfortable with. It is a known fact that Google has been tracking your web activity and this explains a lot of the target based ads that tend to appear on websites that you may visit. If you like to get a breakdown of exactly how this can impact you I suggest you take a look at Don't Track Us. To defend against this change the search engine you use to DuckDuckGo. DuckDuckGo does not collect or share any of your personal information. There's no search history, profile or anything else stored, sold, or given to third parties. This means that I can now browse the web without been targeted by ad campaigns temping you to buy the latest new gadgets that you can’t afford. In addition to this if you would like even more web anonymity download and installed the onion browser from Tor.

As stated on the Tor website “Tor is free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security.” Tor is also very easy to install and can be downloaded from the Tor Project. Once you have the above done there are additional steps that you can take to secure things even more.

Configure your browser’s security and privacy settings

Review your browser’s privacy and security settings to make sure you’re comfortable with what’s checked or unchecked. Frequently, browser updates are released to plug recently discovered security holes. So it’s important to always keep any browsers you use updated. I spoke about the importance of patching your applications in an earlier post and this is no different.
Set up Google alerts for your browser to stay current on any emerging security issues.
Plug-ins and extensions are also an area you need to be really wary of make sure you know what the purpose of the plug-in or extension is and what permissions you are giving it.
The majority of plug-ins and extensions are safe, however, and some can help increase your browser’s security. Below are 3 free browser extensions for added security that you can install.

• HTTPS Everywhere. The Electronic Frontier Foundation and The Tor Project jointly developed this Firefox, Chrome, and Opera extension. HTTPS is a communications protocol for securing communications over a computer network, vs. the standard HTTP protocol, which is more widely used but less secure. HTTPS Everywhere encrypts communication with many major websites to help secure your browsing experience.

• Web of Trust (also known as WOT). This extension for Internet Explorer, Firefox, Chrome, Safari, and Opera helps you determine if a website is safe to surf. The extension displays traffic signal icons next to URLs and links. Green means the site is reliable; yellow indicates you should proceed with caution; red translates to “steer clear.” .

• LongURL.org. If you’re on Twitter or Facebook etc and you see a shortened link embedded in an interesting post, you might click it. Shortened links have been known to mask malicious links. If you’re unsure of a shortened link, copy and paste it into the search box at LongURL.org. You’ll see where the link would take you, without having to actually click through to the site.

Online Accounts:

I believe that this is an area of exposure that you actually have the least control over as you are trusting a third party with my login credentials and personal information. With this trust you can only hope that they are properly securing your data. One area you do have control over however is how secure you make your login to these sites. In the past few years the main social media, email and service providers have offered two phase authentication or two step verification to help users protect their login details. I have  covered how to set this up on the following accounts.

-Twitter

-Gmail

-iTunes

It is straight forward to do this and I will start with Twitter. Once you log into your twitter account navigate to your profile picture at the top right of the page and click here. Now select settings once in the settings menu select security and privacy in here you can turn on log on verification. Once this is turned on you need to select a trusted device and every time you log onto twitter from now on you will need both your password and a unique code that will be sent to your chosen device.

To set this up on your gmail account which will secure all of your gmail accounts using this login i.e google drive, google plus etc. You need to log in and click the little nut type figure at the top right of your screen from the drop down menu select settings. From here select accounts and import and then select other google account settings. From here click on sign-in and security and follow the steps. At the end of the process google will show you a screen ticking off all of the area that are now protected.

To set up your iTunes account you need to go to https://appleid.apple.com and log in. Once logged in navigate to password and security in here you can set up two step verification. iTunes makes you wait three days after requesting to set this up just in case you are not who you say you are. I actually think that the three day waiting period is a good idea as you will get an email to say that two step verification was requested and this will give anyone who didn’t try and set this up time to protect themselves. Facebook also has this feature and I would recommend setting it up if you have a facebook account.

Securing your laptop

For most people laptops are a normal part of their daily lives, however how much thought do people actually put into how secure these devices are? We use laptops for work, banking, our personal data photographs etc so why don't we spend more time securing the devices that we spend so much of our lives on? The main reason is probably effort, it just takes to much effort to worry about all that crap. Whats the worst thing that could happen anyway? I suppose worst case scenario is identity theft followed by all your bank accounts reset to zero and an email to everyone in your contacts of that inappropriate picture you took on a late Saturday night and forgot to erase. But lets not think about what could happen as I am going to give you a list of 5 things you can do to hopefully prevent some of the above.

1) Patch your operating system/ applications

This one is pretty straight forward, Microsoft and Apple both send out regular patches for their operating systems you should take the time to install these and keep your operating system up to date. Most attackers will try and exploit weaknesses in an operating system so by keeping your system patched you are staying a step ahead of at least some attacks.

For information on how to do this on Windows click here

And for apple click here


Once you have your operating system all patched your focus should turn to your applications as the same applies here. A handy tool that I use for this is the free software vulnerability scanner Secunia PSI that can be downloaded here. I don't believe that this works with mac but the link above on apple explains how you can keep all of your iOS applications updated. You should also install an anti-virus software AVG is a good free one for malware you can also install malware bytes this is free for a trial period which should be long enough to get rid of any nasty malware on your system.

2) Create a backup

This is very important and with the flurry of ransomware attacks happening at the moment it may also save you losing a week or twos wages to get your data back. Creating a backup in Windows is actually pretty straight forward.

go to Control Panel - Backup and Restore - Create a system image

Once you get here you need to plug in a hard drive or multiple cds/dvds for your machine to backup to. It takes about 2 hours depending on your system but might save you a major headache long term!

Apple has a number of backup options that can be found here. 

3) Encrypt your hard drive

This is important it also takes a bit of time so do it last thing in the evening as it does effect the performance of your machine whilst running. Remember encrypting your hard drive will keep your data safe if your machine is ever lost or stolen. Windows uses BitLocker to encrypt drives and can be turned on by going to the search bar at the bottom of your screen and typing in "Manage Bitlocker"

this will open up the Bitlocker manager here you can turn bit locker on. If you get an error message about TPM you will need to do the following before you proceed:

1) Log on to Windows 10 computer with the account that has administrative privileges.

2) Click Start and at the bottom of the menu in search box type GPEDIT.MSC command and press enter key.

3) On the opened Local Group Policy Editor snap-in from the left pane expand Computer Configuration > Administrative Templates > Windows Components > Bit Locker Drive Encryption and from the expanded list click to select Operating System Devices.

4) From the right pane double-click “Require additional authentication” at startup.

5) On the opened box click to select Enabled radio button and ensure that under Options section Allow Bit Locker without a compatible TPM checkbox is checked.

6) Once done, click Ok button to allow the changes to take effect and close Local Group Policy Editor snap-in.

Once this is done return to the Bitlocker manager and turn Bitlocker on, it is very important that you keep the recovery password you are given in a safe place as you will need this if you ever forget your password.

Apple uses FileVault to do this and the instruction to do this can be found here.

4) Invest in a VPN

I know I have said this before but I can not stress it enough if you want to keep your online data away from prying eyes and protect yourself whilst using wireless networks a VPN is a must have!! There are tons of premium VPNs on the market so do some home work and find one that suits your budget and expectations. Like I said before I use AirVPN I haven't had any issues with it yet other than a few lingerings DNS issues that may be linked more so to Windows 10 than the VPN. My plan costs €30 for six months and I have unlimited bandwidth, but like I said do your own research and pick a VPN that suits your needs. Stay away from free services unless you really trust to provider even then be wary.

5) Lock-down Windows 10 

Microsoft has more or less given anyone who wants Windows 10 the operating system for free. Now when large multi-nations start giving their products away for free its only natural to ask why. I don't have the answer on this just yet but I am guessing it has something to do with the large amount of access and data their new operating system gives them if a load of options are not turned off. After researching Windows 10 I have altered my privacy settings from on to off as I do not want to share my location, microphone, camera or calendar with Microsoft or any third party applications. The fact that all of these settings are turned on by default is a bit worrying as many non-tech users are unknowingly sharing all of their private information with both Microsoft and third party applications. To turn all of these setting to off navigate to the bottom right of your screen and click on the notification manager. This is the little box that looks like a chat icon. From here select the all settings tab, you can now navigate to privacy and choose what setting you want turned on or off. I recommended turning everything off unless you rely on an application that requires some of these features left on. And next time you get something for free maybe consider what the motive is for such a generous giveaway in an age where data is the new gold.

If you want to read a bit more about Windows 10 and get more indepth advice on how to lock down certain features I suggest reading: How to secure Windows 10: The paranoid's guide