The world of computers is no longer just computers. It’s cars, houses, televisions, refrigerators, toasters, glasses, wristwatches, sneakers, lights, baby monitors, medical devices, and almost any other object that some salesman thinks will appeal to buyers more if it had a computer or sensor in it. Most of these items are connected to the Internet and have an Internet Protocol (IP) address. It’s known as the Internet of Things (IoT). Unfortunately, many, if not most, IoT devices are very insecure and can be successfully hacked—some quite easily.

How Do Hackers Hack IoT?

The same way they do regular computers, by picking one or more vulnerabilities along the Open Systems Interconnection (OSI) model layers (Physical, Data‐Link, Network, Transport, Session, Presentation, and Application). The only difference is that the IoT device may not use traditional hardware or a well‐known operating system (or it might not even have a traditional operating system at all). Hackers have to learn as much as they can about the device, research its components and operations, and look for vulnerabilities.

For example, suppose a hacker wants to see if they can hack an IoT toaster. The first order of business is to get one and study all the accompanying documentation. They then attempt to determine how it connects to a network and what it sends over the network by enabling a network sniffer and turning on the device. You can learn an incredible amount about a device by listening ...