█
LastWrite
  • > Curriculum
  • > Pricing
  • > For Educators
  • > About
  • > Contact
Log InGet Started

Questions, concerns, bug reports, or suggestions? We read every message, write to us at [email protected].

More ways to reach us →
LastWrite

Structured computer science lessons for aspiring developers and security professionals.

[email protected]

(201) 785-7951

Mon–Fri, 9 AM–5 PM EST

Learn

  • Curriculum
  • Pricing

Company

  • About
  • For Educators & Schools
  • Contact Us

Legal

  • Terms of Service
  • Privacy Policy
© 2026 LastWrite. All rights reserved.
Curriculum/Cybersecurity/End User Device Management/IoT Security
35 minIntermediate

IoT Security

After this lesson, you will be able to: Understand IoT vulnerabilities and how network segmentation protects them.

IoT devices, printers, cameras, smart TVs, thermostats, typically ship with default passwords, never get patched, and run on the same flat network as your laptops. Segment or perish.

Prerequisites:Patch Management for Endpoints

Why IoT is uniquely bad

Default credentials (admin/admin, no password). Embedded Linux that's never patched (manufacturer abandons it). No EDR/AV possible (constrained device). Often listening on the network for management.

⚠️ Mirai, the warning shot

2016: Mirai botnet took over 600K IoT devices using a list of 60 default credentials. Used to DDoS DNS provider Dyn. Took down Twitter, Reddit, Netflix for a day. The devices weren't patchable, manufacturers had moved on.

Defending IoT

  1. 1

    1. Network segmentation. IoT VLAN, can't reach corporate.

  2. 2

    2. Change default credentials.

  3. 3

    3. Disable unnecessary services (UPnP, telnet).

  4. 4

    4. Update firmware when possible.

  5. 5

    5. Monitor egress traffic (compromised IoT phones home).

  6. 6

    6. Plan device EOL, replace abandoned hardware.

OT / ICS bonus

Industrial control systems (factories, utilities) are like IoT but worse, multi-decade-old protocols (Modbus, DNP3) with no auth. Stuxnet showed the impact. ICS security is its own subspecialty.

Sign in and purchase access to unlock this lesson.

Sign in to purchase
←Patch Management for Endpoints
Back to End User Device Management
Endpoint Security Resources and Next Steps→