Last updated at Mon, 30 Oct 2023 20:54:58 GMT

'Twas the night before HaXmas, and all through the house, vulnerabilities and exploits were lurking because of a wireless mouse...

We’ve all been there Christmas morning—shiny new gadgets and devices are unwrapped, then immediately put on your wireless network so the kids (or adults!) can start swiping and tapping away at their new toys.

There’s just one small problem with this: None of those devices have been updated or patched, and many of those tablets, phones, laptops, or IoT devices are rife with vulnerabilities and exploits straight out of the box, ultimately inviting potential security risks onto your home network.

From your new laptop to your smart oven, all interconnected devices today have the potential to become an attack vector for mischievous elves on the dark web. Regardless of the type of device under your tree, here are some quick and easy things to look for and change to help better secure your holiday gifts:

Default passwords

The first thing that should be changed on any new device is its default password. Some new devices have additional security measures such as biometrics that should also be set up to further secure them, but there are privacy concerns that should be considered before enabling those features.

Strong passwords changed periodically will help defend your devices against any unauthorized access from people on the naughty list.

Default settings

Here, a little research goes a long way. Looking up secure configuration settings and following manufacturer best practices for securing your devices can help keep your smart home devices from becoming an attack vector. The best defense for your smart home and other “smart” devices is having them behind a secured wireless network with strong encryption and a strong password.

Network services

Many devices come out of the box with all their features enabled by default. Some of these include unnecessary network services or features that can compromise the device, unbeknownst to the user, when exposed to the internet.

For instance, do you really need remote access or remote administration on your smart toilet? Disabling any unneeded features or services on devices should be considered to keep your HaXmas merry and bright.

Privacy protection

Another concern for these devices is the lack of sufficient privacy protection, as data stored on some devices can be used insecurely or without permission from the owner.

For example, be careful about what types of information you are offering up to your smart refrigerator. Remember that biometric data we talked about earlier? Are you sure you want your fridge having facial recognition-scanning abilities? It’s going to be hard to explain away those midnight snack runs when the fridge knows exactly who opened the door and when.

Make sure you know what types of information your devices are gathering and storing. Disable any features that may allow the use of that data without your permission.

Santa already sees you when you’re sleeping and knows when you’re awake. You don’t want the dark web to know those things, too.

What do you do to protect yourself?

  • Before purchasing gifts for anyone, look into the security features and flaws of the device and make a decision on whether it’s the best gift to give to your friends or family. Help set them up for success by getting them a device that can be secured and updated properly. This should avoid any awkward Christmas dinners because the cheap tablet you bought Susan last year got her identity stolen.
  • Patch and update your connected devices after you receive them. Apply the updates to your smartphones, patch those laptops, and update firmware on your IoT devices, if available (yes, even the smart oven).
  • The best protection against all these concerns is a robust firewall or security appliance for your home network. Choose a product that has content filtering, intrusion detection and prevention, antivirus, and packet inspection technology. There are many affordable options for security-minded home users on the market today. You don’t have to spend your entire Christmas budget on a firewall.

Don’t depend on Santa to put the bad guys on the naughty list. Protect yourself this year with proper security posture on your new devices.