The tool is not perfect, but it's something

Oct 26, 2016 02:50 GMT

Before IoT security became everyone's problem, whether we liked it or not, UK-based security firm BullGuard launched a pretty useful tool to assess the security of some of your IoT devices.

Called the Internet of Things Scanner, this tool was launched in early June 2016, when everybody knew that insecure IoT devices were dangerous, but not dangerous enough to bring down a large chunk of the Internet.

The tool works by taking the visitor's IP address and checking it on Shodan, a search engine for discovering Internet-connected devices.

IoT Scanner - powered by Shodan

The IoT Scanner will tell you if your IP is reachable via Shodan, which, despite being a tool used by many security researchers, is also abused by hackers to discover possible targets and plan future attacks.

The tool does nothing more than automate a Shodan search for an IP address, displaying the results as a list of ports exposed to the Internet.

The simplest way to protect IoT equipment, in this case, is to block port forwarding on local LAN routers or to place IoT devices behind a firewall.

Unfortunately, device owners who lack the technical skills to configure their IoT device will probably have no idea what to do to remediate IoT Scanner results, and a specialist's help will probably be needed.

Nevertheless, the IoT Scanner can help users discover if their local home network is exposing ports to the Internet, which can be used by attackers as a gateway for future attacks.

Some limitations

The tool also has its limitations. For example, users will need to be able to run a browser on their IoT device in order to access the scanner's URL. This means users can't test IP cameras, baby monitors, and others. Users may be able to test some smart fridges, which come with a built-in browser to access Internet sites, but this feature is not included in all smart fridges or IoT products, which generally feature simplistic interfaces due to storage and memory limitations.

For situations where devices have their own IP addresses or don't feature a browser to access the IoT Scanner, just go on Shodan yourself, type in the device's IP address in the Shodan search section, and hit the Search button. You'll get the same results, which is a list of exposed ports that you'll need to find a way to disable or protect from unauthorized access.
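The same self-check can be scripted. The following is an added example, not code from BullGuard or Shodan: it turns a Shodan host record for your own address into a list of exposed ports to review. The sample record, the service labels, and the function names are constructed for illustration; `fetch_host` uses Shodan's REST host endpoint and needs your own API key.

```python
import json
import urllib.request

# Labels for ports often seen on consumer devices (chosen for this example).
SERVICE_HINTS = {21: "FTP", 22: "SSH", 23: "Telnet", 80: "HTTP admin/web",
                 443: "HTTPS admin/web", 554: "RTSP video", 1900: "UPnP/SSDP",
                 7547: "TR-069 (CWMP)", 8080: "HTTP alternate"}

# Constructed sample shaped like a Shodan host record; 203.0.113.10 is a
# documentation-only address, not a real scan result.
SAMPLE = json.loads("""
{"ip_str": "203.0.113.10", "ports": [23, 80, 554, 49152],
 "data": [{"port": 80, "transport": "tcp", "product": "Example httpd"},
          {"port": 23, "transport": "tcp"},
          {"port": 554, "transport": "tcp", "product": "Example RTSP server"}]}
""")

def fetch_host(ip, api_key):
    """Live lookup of your own IP via Shodan's REST host endpoint."""
    url = f"https://api.shodan.io/shodan/host/{ip}?key={api_key}"
    with urllib.request.urlopen(url, timeout=15) as resp:
        return json.load(resp)

def exposed_ports(host):
    """Return one row per exposed port: (port, transport, service, product)."""
    banners = {b["port"]: b for b in host.get("data", []) if "port" in b}
    rows = []
    # This example does not assume every port in 'ports' has a banner in
    # 'data', so it merges both sources.
    for port in sorted(set(host.get("ports", [])) | set(banners)):
        b = banners.get(port, {})
        rows.append((port, b.get("transport", "unknown"),
                     SERVICE_HINTS.get(port, "unidentified"),
                     b.get("product", "")))
    return rows

def report(host):
    """Format the exposed ports as a short text report."""
    rows = exposed_ports(host)
    lines = [f"{host.get('ip_str', '?')}: {len(rows)} exposed port(s)"]
    for port, transport, service, product in rows:
        lines.append(f"  {port}/{transport}  {service}  {product}".rstrip())
    return "\n".join(lines)

if __name__ == "__main__":
    print(report(SAMPLE))  # swap in fetch_host(your_ip, your_key) for a live check
```

Every port in the report is one to close at the router or firewall, or to protect with a strong password if it is genuinely needed.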

In situations where those ports are needed for actual remote management operations, make sure the device requires a password, and that it is a strong password rather than a factory default, which hackers are known to exploit.
