Cybersecurity and the Internet of Things


Iphone 13
Promo for Apple's IOS 13 update

The modern issue with media literacy is our production of big data without any knowledge of how it is being used. As technology advances our understanding of how it operates decreases. I feel it is the media’s job to help inform the public more about ways they can learn and prevent possible threats from appearing in their own homes. One huge area with little attention is the Internet of Things (IoT) which consists of all network connected devices. This consists of everything from someone’s smartphone to their smart AC units in their home. Having an internet connection to appliances is great for convenience but detrimental to one’s home security if it isn’t properly cared for. Most of these smart home devices come with a default password which is the same across all similar products. Changing passwords and updating them regularly is the best way to keep safe from outside threats (Thales 2021). The media’s responsibility is to publicize stories about data breaches and vulnerabilities. When Apple had a fatal vulnerability in their release of IOS following the iPhone 13, there was no huge headlines advising all apple product users to update their devices. The vulnerability was big enough to grant an attack access to the device remotely (Naraine 2021).


Along with IoT attacks one of the most prominent ways for outsiders to attack is by taking advantage of unsuspecting victims.

This can be done through phishing emails or social engineering. Unknown to users some of their inbox contains fake messages pretending to be important companies. For example, a PayPal email, receiving an email from PayPal is common when you have regular transactions. But what some fail to check the legitimacy of their mail. When a user does not notice the ill-formatted email, they click on the links within which brings them to a page that takes their login when they try to access their account. Cybersecurity literacy is a must in this evolving world. Something similar to this is social engineering. Social engineering is the use of abusing another’s authorization to infiltrate a system. An example of this is looking at a receptionist’s desk to see a sticky note with a password written on it. This may not seem like a huge deal to people that have trouble remembering passwords, but it ruins any confidentiality that login has.



A false email mimicking Netflix
An example of a "phishing" scam via the Federal Trade Commission

Another example would be plugging in a thumb drive you find out in public or around the office. Thumb drives are a dangerous thing to insert into a computer as it not only infects the computer, but also any network the computer is operating on. A simple way to inject a virus into a closed network is to plant a thumb drive and wait for an unsuspecting employee plug it in out of curiosity (Mills 2008). Overall cybersecurity is a necessity to operate safely online but nobody is well versed in how to do that. Increasing the public’s understanding through the media is imperative.


“IOT Security Issues in 2021: A Business Perspective.” Thales Group, 9 Apr. 2021.


Mills, Elinor. “USB Devices Spreading Viruses.” CNET, CNET, 21 Nov. 2008.


Naraine, Ryan. “Apple Confirms IOS 15 Zero-Day Exploitation.” SecurityWeek, 11 Oct. 2021.

 

Bryan Bushey is a Cyber Security major at Sacred Heart University. He is currently a Junior and runs on the D1 Track and Field team as a hurdler. Bushey has a heavy computer background all the way since high school where he would repair iPhones for people as well as fix his own. Since then, he has had the opportunity to explore more in-depth cybersecurity concepts including software defined radio --essentially learning how to use radio transmissions to unlock a vehicle after listening into the car’s key signal. He plans to keep learning about new and upcoming cybersecurity issues to better defend against them in the future.

6 views0 comments