Scam of the day – November 3, 2017 – New developments in the Internet of Things

I have been warning you about dangers in the rapidly expanding Internet of things for more than three years.  The Internet of Things is made up of a broad range of devices connected to the Internet including home thermostats, security systems, medical devices, refrigerators, televisions, cars and toys.

Recently the FBI issued a  new warning to consumers about the dangers of posed by hacking of various devices that makeup the Internet of Things.

Here is a link to the FBI warning.  https://www.ic3.gov/media/2017/171017-1.aspxGPS.

Recently, Italian researcher Giovanni Mellini published his findings that he was able to remotely hack into and take control of a sex toy described by its manufacturer as “the world’s first teledildonic butt plug.”  There has been a trend in recent years in the sex toy industry to creating sex toys that can connect to smartphones and computers through Bluetooth or Wifi technology that enables the sex toy to be controlled remotely.  While this opens up new vistas for consenting adults far away from each other, it also opens up frightening new opportunities for hackers.

TIPS

Many of the devices that make up the Internet of Things come with preset passwords that can easily be discovered by hackers.  Change your password as soon as you set up the product.  Also, set up a guest network on your router exclusively for your Internet of Things devices.  Configure network firewalls to block traffic from unauthorized IP addresses and disable port forwarding.  Make sure that you install the latest security patches as soon as they become available.  Use encryption software for the transmission of data and find out where data is stored and what steps are taken to secure the information.  Also, limit the amount of information you provide when setting up the accounts for the toys.  The less information out there, the less the risk of identity theft.  Finally make sure your router is secure and use its whitelisting capabilities which will prevent your device from connecting to malicious networks.

Scam of the day – May 27, 2017 – Target pays $18.5 Million to 47 states to settle security breach claims

Many people trace the era of major data breaches by hackers to the massive data breach at Target during the holiday shopping season of 2013. Credit card and debit card data on approximately 40 million Target customers was stolen as well as other information including email addresses of approximately 70 million Target customers.

Recently 47 states and the District of Columbia settled civil charges against Target related to the data breach with Target agreeing to pay 18.5 million dollars to each of these states and the District of Columbia. California will receive 1.4 million dollars which is the largest amount that any state will receive.  None of this money is to returned to consumers.

This settlement is very significant because it is part of an escalating trend of companies whose negligence leads to data breaches being held responsible for the harm caused to consumers.

Pursuant to the settlement, Target will implement a comprehensive security program which will include the use of whitelisting analytic software that helps prevent unauthorized malware programs from being downloaded, segmenting of credit card information from other parts of Target’s computer networks and increased use of encryption.

TIPS

This is a very positive step and, having reviewed in detail the security requirements that Target will be required to implement, I believe these provide a good guide for other companies to use to enhance their data security.

As for all of us as consumers, the best thing we can do is to refrain from using our debit cards from any use other than as an ATM card because the laws protecting us from unauthorized use of debit cards are not as strong as those protecting us from unauthorized use of credit cards.  In addition, whenever possible use your credit card as a chip card rather than as a magnetic strip card for increased security.