See how your smart device rates for cybersecurity
“Smart,” Internet-connected devices are becoming ubiquitous. However, Internet of Things (IoT) risks are a major concern as cybersecurity for these devices hasn’t kept pace with their adoption.
Wifi-enabled thermostats, front-door cameras, home assistant speakers, and other “trivially vulnerable” embedded devices are becoming commonplace despite their lack of security.
If you, your children, and family can control it with a cellphone, it’s connected and open to breach.
A decade ago, computer scientist Ang Cui experimented to determine just how easy it was to hack into a device. He discovered that one million-plus, publicly accessible devices were open to easily hack, representing roughly 13 percent of all connected devices in 144 countries. Today, that scratches the surface and IoT risks continue to grow.
But, how can you find out how your smart device ranks among security maturity?
A team of professors, research scientists, and graduate students from Georgia Institute of Technology and the University of North Carolina, Chapel Hill, created the “Your Things Scorecard” system.
They “evaluated over 50 devices spanning several categories such as home assistants, media devices, appliances, home security, and cameras.” Their grading system ranks a growing list of 45 popular smart-home devices, providing grades related to device, mobile, cloud, and network security. Using their system, you’ll be able to get a handle on your own IoT risks.
The Amazon Echo, for example, ranks 88.1% (B) for device grade but receives an F for mobile security (46.15%). In contrast, the device with the highest scores across all categories was the Canary home security system with three A-grades and one B-grade. The device with the lowest scores across all categories was the MiCasaVerde home control and entertainment system with three F-grades and one B-grade.
Ironically, systems that are meant to keep a home safe from intruders could open the family to identity theft or invasion of privacy.
Their methodology, outlined on their site, focuses on scoring smart-home devices based on the security maturity of four main components:
- The device – the hardware purchased (Alexa, SmartThings, Sonos, etc.).
- The mobile application – the companion mobile application that interacts with the device (Android or iOS application.)
- Cloud endpoints – Internet services that the device or the mobile app communicates with.
- Network communication – Network traffic between each component (local and Internet traffic).
Each of these components has properties that are used as features to compute a score.
While the Your Things Scorecard is not exhaustive, it launches an approach that gives consumers more quantified insight into the data security requirements they should look for when making their world smarter, allowing them to better asses the risks associated with their IoT devices.