How secure is your smart home? It’s a question you might be asking after a hacker has published a list of Telnet logins for a half-million servers, as well as home routers and smart devices, sometimes referred to as the Internet of Things (IoT).
Telnet is an application protocol used on an internet network to provide text-oriented communication abilities using a virtual terminal connection.
According to tech site ZDNet, the hacker published the list on a hacker forum and included each device’s IP address, along with the username and password, potentially giving readers easy access to the compromised device.
That information can be used to take remote control of the compromised devices. Computers can be used to send out millions of spam emails. Smart devices, such as thermostats and garage door openers, can be used to carry out denial of service attacks on websites, making them inaccessible for short periods of time.
Denial of service attack
In 2016, hackers took control of millions of smart devices around the world to carry out such attacks against major websites, such as Amazon, Netflix, and Twitter.
Dyn, the sites' common DNS provider, conducted an investigation that showed that many of the compromised smart devices had been infected with a malware called Mirai, which is a botnet. This attack was directed at Dyn, but the threat to individual consumers is just as possible and, in many ways, more invasive.
A year later, security software firm Trend Micro reported a steady increase in the number of attacks on smart appliances, interfering with individuals’ use of their lights, home security systems, thermostats, and even TVs and baby monitors.
The hacker who published the latest list said the login credentials were easy to come by because they had either not been changed from the factory default or had been changed to easy-to-guess passwords like “1-2-3-4.”
How to protect yourself
There are steps consumers should take to protect their smart devices and any device that connects to the internet. Norton Security reports the threat is much more personal than simply allowing your device to be taken over and used by a hacker.
It notes that smart devices in the home are data collectors and the personal information collected and stored with these devices, such as your name, age, health data, location and more, can aid criminals in stealing your identity.
You can protect yourself by installing reputable and highly rated internet security software on your computers, tablets, and smartphones. Use strong and unique passwords for device accounts, Wi-Fi networks, and connected devices.
Also, do some research when you are shopping for a smart device. These devices collect a lot of personal data. While collecting data isn’t necessarily a bad thing, you should know about what types of data these devices collect, how it’s stored and protected, if it is shared with third parties, and the policies or protections they offer in the event of a data breach.