It's long been the job of parents to caution their children to beware of the outside world. We warned them that it was filled with potential dangers, most notably strangers waiting to take advantage of kids' trusting nature. We taught them to keep their valuables hidden, and not to share personal information with anyone they didn't know. We certainly had no reason to tell them about strangers lurking in their own homes.
Well, that's not the case anymore. Oh, there may not be an actual physical stranger in your house, but there are plenty of digital ones. They're in the kitchen, family room and bedrooms. They're in backpacks and purses, or maybe even shoved in drawers. They're wherever there's an internet-connected device. And wherever you go in cyber space, they're there, biding their time, looking for an opportunity to force their way into your digital world.
And they're not just waiting to prey on unsuspecting children. They're looking for any opportunity to get at your valuable personal data, whether that be credit card information, social security numbers or health care details. Worse, if you're not doing anything to stop them, there's a good chance they're getting at it.
These are the cautionary messages behind the first week of National Cyber Security Awareness Month, an October tradition since the Department of Homeland Security and the nonprofit National Cyber Security Alliance launched it in 2004.
Each week this month carries a cyber security awareness theme. This week it's online safety in the home. Subsequent weeks will focus on cyber security careers, workplace security and safeguarding the nation's infrastructure.
The NCSA has a site set up that provides details on each of the themes, tips on how to address each of them, and suggestions on ways to get involved in improving cyber security in each setting.
For those looking to shore up security in their homes, the site drills down into areas such as dealing with spam and phishing, securing online shopping, backing up data, and taking precautions to contend with malware, botnets and ransomware.
Those who aren't taking cyber security in the home seriously should check the headlines.
For instance, a recent Newsweek report highlighted the vulnerability of home wi-fi networks, and a survey from Open-Xchange, a British software company that offers a range of email and productivity software security products, indicated that just 15 percent of parents in the U.K. use software or apps to control access to and protect Internet-of-Things connected devices. (It's safe to assume the survey, which polled more than 2,000 U.K. parents, would result in similar findings if conducted in the U.S.)
Similarly, a recent piece in IoT Business News argued that the race to get IoT devices into people's homes has resulted in security getting short shrift, and vendors have failed to make it easy for consumers to adjust default settings.
"The drive to be the first to market has meant that many manufacturers have not even considered the security implications of their devices," wrote author Kimmo Aura, program director at Business Finland, a Finnish research funding agency.
"They have either not built appropriate security measures, use inadequate measures or, in some cases, provide no settings at all."
The dizzying proliferation of connected devices in the home has opened so many security holes that Smart & Resilient Cities has put together an infographic designed as a sort of primer on the vulnerabilities presented by the numerous IoT devices common in today's homes.
Sadly, that primer will need quick updating, as Aura sites Gartner research predicting that the current average of 9 connected IoT devices per home will rise to 500 by 2022. That's more than a 50-fold increase in just four years. How is an already security-challenged population of consumers going to keep up?
Not surprisingly, there are literally dozens, if not hundreds, of sites where you can find tips and suggestions to protect yourself, your home and your family. Most of them offer abundant technical solutions, but security consultancy FRSecure might have the most accessible and non-technical list of suggestions we've seen.
In fact, most of the company's advice is shockingly common sense and simple to implement. FRSecure implores consumers to:
- update devices to the latest software regularly, decreasing the odds that they are unnecessarily compromised by a vulnerability;
- freeze their credit, ensuring that no one else ever open a credit account or apply for a loan in their names;
- take a few minutes to learn the basic dos and don'ts for avoiding being victimized by current scams;
- share whatever steps they've taken and whatever other tidbits they've picked up with their circles of family and friends; and
- be more diligent about creating longer, more complex passwords and consider using password managers to help them stay on top of that.
And, of course, they should remember to turn those cautionary words to their children about strangers inward, and educate them about the dangers they need to be aware of at home.