Emergent Tech

Internet of Things

FBI tells Jo(e) Sixpack to become an expert in IoT security

It's also accidentally written the syllabus for a 'Home IoT Network Engineer' course

By Richard Chirgwin

57 SHARE

Internet of Things users need to become sysadmins, America's Federal Bureau of Investigation says.

That's a summary of the Feds' blog post, published this week, in which the agency's Beth Anne Steele wrote that Things are best deployed on their own network, with an off-switch.

Steele's post offered a checklist explaining how consumers can best secure their stuff, including a suggestion to: “Isolate 'IoT' devices on their own protected networks” – which means you'll want a firewall between your broadband modem and the switch that connects the devices.

The checklist might reach beyond the capabilities of the average IoT buyer, who just wants to swipe the phone app to control their lights (because the wall is so far away), but on its own, that's a point worth making. So here's the full list, with El Reg commentary.

The depressing thing is that every single item on this list is necessary and true, and nearly all of it is beyond the home user. It would, however, make a sound syllabus for some kind of certification, if anybody would study it, which they wouldn't.

The FBI promises its blog next week will be on Internet-connected toys. We can hardly wait. ®

Sign up to our NewsletterGet IT in your inbox daily

57 Comments

More from The Register

IoT shouters Chirp get themselves added to Microsoft Azure IoT

Now your devices can join you in bellowing at Redmond's products

Bad news, mobile operators: Unlicensed IoT tech rocketing ahead of NB-IoT and LTE-M – report

Plus global mobe mobs name Sigfox top IoT tech lag

Hitachi Vantara brain dump: IoT, servers, containers and self-regulating data centres

You lucky NEXT 2018 people

What do you press when flaws in Bluetooth panic buttons are exposed?

Researcher able to DoS and track personal protection kit

'Amnesia' IoT botnet feasts on year-old unpatched vulnerability

New variant of 'Tsunami' is a disaster waiting to happen

Hitachi's IoT gang punts never-off data protection platform

A masterclass in mind-boggling 'always-on availability' spiel

GCHQ asks tech firms to pretty please make IoT devices secure

Hive, HP Inc sign up to refreshed code of practice

Er, we have 670 staff to feed now: UK's ICO fines 100 firms that failed to pay data protection fee

Enforcing GDPR is expensive work, says watchdog

Arm reckons its 'any device, any data, any cloud' IoT tech has legs

SaaSy Pelion will try to make sense of terabytes of data from anywhere to anywhere

IoT search engine ZoomEye 'dumbs down' Dahua DVR hijackings by spewing passwords

And noone wants to fix it