FBI recommends that you keep your IoT devices on a separate network

The FBI also recommends changing factory-set (default) passwords and not allowing an IoT device's accompanying mobile app to gain access to too many smartphone permissions.
Written by Catalin Cimpanu

The FBI says owners of IoT (Internet of Things) devices should isolate this equipment on a separate WiFi network, different from the one they're using for their primary devices, such as laptops, desktops, or smartphones.

"Your fridge and your laptop should not be on the same network," the FBI's Portland office said in a weekly tech advice column. "Keep your most private, sensitive data on a separate system from your other IoT devices," it added.

The same advice -- to keep devices on a separate WiFi network or LAN -- has been shared in the past by multiple IT and security experts [1, 2, 3, 4].

The reasoning behind it is simple. By keeping all the IoT equipment on a separate network, any compromise of a "smart" device will not grant an attacker a direct route to a user's primary devices -- where most of their data is stored. Jumping across the two networks would require considerable effort from the attacker.

However, placing primary devices and IoT devices on separate networks might not sound that easy for non-technical users. The simplest way is to use two routers.

The smarter way is to use "micro-segmentation," a feature found in the firmware of most WiFi routers, which allows router admins to create virtual networks (VLANs). VLANs will behave as different networks, even though they effectively run on the same router. A good tutorial on how you can create VLANs on your routers is available here.
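The segmentation described above can be checked after setup. The following is an added example, not part of the FBI column or the original article: it audits a device inventory and a set of inter-VLAN rules for the two mistakes that undo the isolation. The subnets, device names and rule format are constructed assumptions, not any router's real configuration syntax.

```python
import ipaddress

# Constructed sample data (assumptions, not from the article): two VLAN subnets
# on one router, a device inventory, and inter-VLAN forwarding rules.
SEGMENTS = {
    "primary": ipaddress.ip_network("192.168.10.0/24"),
    "iot": ipaddress.ip_network("192.168.20.0/24"),
}
DEVICES = [  # (name, kind, IP address)
    ("laptop", "primary", "192.168.10.21"),
    ("fridge", "iot", "192.168.20.31"),
    ("smart-tv", "iot", "192.168.10.40"),  # IoT device left on the primary VLAN
]
RULES = [  # (source segment, destination segment, action); first match wins
    ("primary", "iot", "accept"),  # laptop may open connections to the fridge
    ("iot", "primary", "accept"),  # misconfiguration: IoT may reach primary
    ("iot", "wan", "accept"),
]

def segment_of(ip):
    """Return the name of the segment whose subnet contains ip, or None."""
    addr = ipaddress.ip_address(ip)
    return next((n for n, net in SEGMENTS.items() if addr in net), None)

def allowed(src, dst, rules):
    """May src open a new connection to dst? Replies to established flows are
    assumed to be handled by the router's connection tracking."""
    if src == dst:
        return True  # same segment: traffic never crosses the router's filter
    for r_src, r_dst, action in rules:
        if (r_src, r_dst) == (src, dst):
            return action == "accept"
    return False  # default drop between segments

def audit(devices, rules):
    """List the ways this setup fails to isolate IoT devices."""
    findings = []
    for name, kind, ip in devices:
        seg = segment_of(ip)
        if kind == "iot" and seg != "iot":
            findings.append(f"{name} ({ip}) is an IoT device on segment '{seg}'")
    if allowed("iot", "primary", rules):
        findings.append("rules let the iot segment open connections to primary")
    return findings

if __name__ == "__main__":
    for finding in audit(DEVICES, RULES):
        print("FINDING:", finding)
```

Moving the smart TV onto the IoT subnet and deleting the `iot` to `primary` rule leaves the audit with no findings, while the laptop can still reach the fridge.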

While isolating IoT devices on their own network is the best course of action for both home users and companies alike, this wasn't the FBI's only advice on dealing with IoT devices. See below:

  • Change the device's factory settings from the default password. A simple Internet search should tell you how—and if you can't find the information, consider moving on to another product.
  • Passwords should be as long as possible and unique for IoT devices.
  • Many connected devices are supported by mobile apps on your phone. These apps could be running in the background and using default permissions that you never realized you approved. Know what kind of personal information those apps are collecting and say "no" to privilege requests that don't make sense.
  • Make sure all your devices are updated regularly. If automatic updates are available for software, hardware, and operating systems, turn them on.

Last week, the same FBI branch office in Portland also gave out similarly good advice on dealing with smart TVs by recommending that device owners put a piece of black tape over their smart TV's camera lens.

The FBI claimed that hackers who take over smart TV sets would be able to spy on device owners through the built-in cameras.

While this is prudent advice, it is worth mentioning that there have not been any known cases of this happening -- with hackers taking over a smart TV and spying on its owner through the TV's camera.
