Emergent Tech

Internet of Things

FBI tells Jo(e) Sixpack to become an expert in IoT security

It's also accidentally written the syllabus for a 'Home IoT Network Engineer' course

By Richard Chirgwin

57 SHARE

Internet of Things users need to become sysadmins, America's Federal Bureau of Investigation says.

That's a summary of the Feds' blog post, published this week, in which the agency's Beth Anne Steele wrote that Things are best deployed on their own network, with an off-switch.

Steele's post offered a checklist explaining how consumers can best secure their stuff, including a suggestion to: “Isolate 'IoT' devices on their own protected networks” – which means you'll want a firewall between your broadband modem and the switch that connects the devices.

The checklist might reach beyond the capabilities of the average IoT buyer, who just wants to swipe the phone app to control their lights (because the wall is so far away), but on its own, that's a point worth making. So here's the full list, with El Reg commentary.

The depressing thing is that every single item on this list is necessary and true, and nearly all of it is beyond the home user. It would, however, make a sound syllabus for some kind of certification, if anybody would study it, which they wouldn't.

The FBI promises its blog next week will be on Internet-connected toys. We can hardly wait. ®

Sign up to our NewsletterGet IT in your inbox daily

57 Comments

More from The Register

IoT shouters Chirp get themselves added to Microsoft Azure IoT

Now your devices can join you in bellowing at Redmond's products

Bad news, mobile operators: Unlicensed IoT tech rocketing ahead of NB-IoT and LTE-M – report

Plus global mobe mobs name Sigfox top IoT tech lag

The wheel turns slowly, but it turns: Feds emit IoT security tip sheet

Alexa! Are you part of a botnet?

What do you press when flaws in Bluetooth panic buttons are exposed?

Researcher able to DoS and track personal protection kit

Hitachi's IoT gang punts never-off data protection platform

A masterclass in mind-boggling 'always-on availability' spiel

'Amnesia' IoT botnet feasts on year-old unpatched vulnerability

New variant of 'Tsunami' is a disaster waiting to happen

Arm reckons its 'any device, any data, any cloud' IoT tech has legs

SaaSy Pelion will try to make sense of terabytes of data from anywhere to anywhere

IoT search engine ZoomEye 'dumbs down' Dahua DVR hijackings by spewing passwords

And noone wants to fix it

Ignore that FBI. We're the real FBI, says the FBI that's totally the FBI

Don't open that malware mail from the Feds that's not from the Feds, Feds warn

Security MadLibs: Your IoT electrical outlet can now pwn your smart TV

McAfee finds new way to break thing that shouldn't be on your home network in the first place