Internet of Things (IoT): threats and recommendations

Última actualización: March 12th, 2021 - 01:37 pm

The Internet of Things (IoT) is not just another term that describes the technology that connects objects and devices to the web to obtain additional information. It is a reality that little by little is gaining more and more space in homes.

In addition to Smart TVs, air conditioners, printers, refrigerators and clocks, IoT includes: security systems such as cameras and monitors for nurseries, medical devices such as pacemakers or insulin dispensers, thermostats, portable devices (usually sports), home entertainment devices and fuel control systems. In addition to the very fashionable personal voice assistants like Google Home, Alexa or Home Pod.

According to a study conducted by Gartner, by the end of 2020 there will be four devices connected to the Internet per each person in the world. It’s estimated that the number of connected objects will reach the 20 billion mark, which means a 238-percent increase since 2018.

Some examples might be useful to understand how serious this is. In 2016, surgeons implanted a pacemaker into Marie Moe, but omitted to tell her the device could connect to the Internet and lacked any kind of security configuration, therefore vulnerable to cyberattacks. What would have happened if the pacemaker was hacked?

Personal voice assistants can manage locks, alarms, fire and light control systems, and more. It is proven that they can be operated from outside the home, thanks to the excellent microphones they have installed. This type of situation can be prevented by incorporating cybersecurity solutions that identify authorized users, either by their biometric voice patterns or by integration with CCTV and facial recognition systems.

The lack of knowledge from the users and the difficulties to solve the vulnerabilities from the providers are two key elements that generate opportunities for attackers.  

Main threats of Internet of Things (IoT)

The main risks of Internet of Things include:  

  • Utse the Universal Plug and Plug (UPnP) protocol to sign in, set up and control the devices remotely, without authentication.  
  • Use factory-set passwords to send mailware or spam, or to steal sensitive information.
  • Use the IoT device to make physical damage 
  • Overload the devices until they become inoperable  
  • Interfere in business transactions 
  • Implement insecure services through HTTP or MQTT 


To avoid a problem, we must have a strategy and action plan in the area of ​​cybersecurity. To do this, some of the measures to take into account are:

  • Change the factory-set passwords by robust passwords made up of a combination of letters, numbers and special characters.
  • When possible, use separate Internet networks for IoT devices and computers, smartphones and tablets.
  • Check the updates for each device.
  • Monitor the use, consumption and data traffic of the devices.
  • Perform a quarterly security review by a third party.

Today's technology has the potential to work against us. Any resemblance to Terminator Skynet, is it a coincidence? To prevent this from happening, the main thing is to take proper precautions. There is no need to fear, just be careful.

Déjanos tu comentario