In a new report, researchers found nine vulnerabilities in the communications protocols used in IoT devices. The vulnerabilities could lead to Denial of Service (DoS) or Remote Code Execution (RCE) by hackers. Over 100 million consumer, enterprise, and industrial IoT devices could be affected. The security flaws could allow hackers to take devices offline or control them remotely. Cybercriminals also could use the security issues to gain wider access to affected networks. “Cyber threats to those accessing the internet at home have increased in the last year,” Heather Paunet, a security expert at the cybersecurity firm Untangle, said in an email interview. “When IT departments scrambled to set workers up for home offices, malicious actors saw an opportunity and began to take advantage of firewalls that were either not in place or not effective enough.”
Firewalls to the Rescue
Firewalls can help prevent hackers from exploiting the kind of vulnerabilities found in the recent report, Dirk Schrader, a security expert at the cybersecurity firm New Net Technologies, said in an email interview. Personal firewalls can protect against hackers sending you a malicious email, as well as someone jumping on your open internet connection, Kris Bondi, CEO of the cybersecurity firm Mimoto, said in an email interview. They also can be a good tool for privacy protection. Consumer firewalls can come in the form of a soft or hard firewall appliance, Brian Desmot, CEO of the cybersecurity firm iTecs, said in an email interview. A soft firewall is generally one that is installed on the system and provides an easy-to-use interface. A hard firewall is an appliance installed on the consumer’s home network, and moderates the traffic coming in and out of the network. “User’s need firewalls to ensure that their system can effectively block unsolicited or unauthorized network traffic and requests,” Desmot added. “A firewall can also keep viruses that have successfully infected a computer from transmitting sensitive data.”
Plug in Your Own Firewall
For example, there’s Firewalla, a hard firewall device that plugs into your router. It monitors network traffic and alerts you via an app of abnormal smart home device activity. Firewalla claims to also block hackers and cyber thieves from being able to breach smart home devices to steal personal information. One software-based firewall is Bitdefender, which purports to block intrusions and filter your network traffic. It also includes webcam and microphone protection to prevent eavesdropping. One of the most prevalent kinds of attacks that firewalls help prevent is denial of service (DDoS) attacks, Tom Kirkham, CEO of the cybersecurity firm IronTech Security, said in an email interview. DDoS attacks are attacks targeting websites that offer an online service. “They are considered malicious attacks where cybercriminals attack a particular online service by overpowering the website,” he said. “Hackers bombard the website with an abundance of online traffic, leaving the server or network where it can no longer handle the traffic.” For the best protection, firewall solutions should protect your network, as well as the devices and users, Paunet said. The firewall should include virus protection; threat prevention, to stop malicious servers with a bad reputation from being allowed on the network; and protection from ransomware and clicks on malicious links. It also should include web filtering that protects users from clicking on links that could execute something on their devices. Despite their advantages, firewalls aren’t perfect protection. “Personal firewalls aren’t good for preventing malware attacks, however,” Bondi said. “Malware can reach the system from a compromised service in the form of trusted data.” Bondi recommends using a personal VPN instead of a firewall. “A VPN encrypts your communication and masks your activities’ location. Think of it as operating incognito with added security and the ability to name where you’d appear to be located,” Bondi said.
