Latest News from IT365

Internet of Things or Internet of Risks?20 May 2016

What are the chances that a cybercriminal could hack into your company’s IT network through your fitness tracker? It’s quite possible, according to an expert working for security specialists Fortinet.

Wearable device company Fitbit was quick to refute the idea that its wearables were hackable in that way, but Fortinet persists in its view. Given the right conditions, it says, a Fitbit presents a security risk.

This argument encapsulates one of the biggest challenges presented by the Internet of Things. Connected devices offer to make our lives easier and our businesses more productive. At the same time, a landscape populated by web-enabled devices introduce new risks.

 

Welcome to the Internet of Thieves


Most cybercriminals are looking for one of two commodities—cash or data. Both can be inappropriately exposed through a connected device—part of the Internet of Things.

Experts from Kaspersky Labs have warned that any device connected to the internet contains at least one vulnerability that can be exploited.

Sometimes this weakness is simply the result of lax attention to security, such as leaving a password on the factory setting. Other flaws are more fundamental, built into the software used by the device. In one test, a web-enabled coffee machine was found to be broadcasting enough data to allow a hacker to break into a corporate IT network.

The hacks are not always performed digitally. In another Kaspersky experiment, a digital home security system could be fooled by someone using a magnet near a window lock.

While it may seem unlikely that someone would attempt to break into your Fitbit using Bluetooth wireless, or wave a magnet outside your window, these vulnerabilities exist. Once discovered, news about them travels fast among the cybercriminal community.

Once they’ve found a way into your computer via an insecure device, hackers are likely to install malware to harvest cash or data. It could be ransomware that locks you out of your network until you pay up, or code that captures your bank logins or sucks valuable data, such as customer details, out of your databases.

 

Connected devices that can be hacked


These are some of the web-enabled ‘things’ that have been shown to be vulnerable:

  •   Baby monitors

  •   Cars

  •   Children’s toys

  •   Heart pacemakers

  •   An electricity network serving thousands of homes

As more and more day-to-day objects become connected to the internet, so the risks from cybercriminals increase.

 

How to protect your web-enabled devices


If every web-connected device presents a risk, how can you defend your home and business networks from being attacked?

There’s no easy answer, but here are some suggestions:

  Never leave device passwords on default settings.

  Keep software up to date on all devices.

  Be careful when positioning devices that collect sensitive data, such as cameras.

  Make everyone with capability to connect devices to your networks aware of the risks.

Don’t be afraid to pose questions about security to the suppliers you’re thinking of buying from, or have already bought from. Customer demand for better protection will help drive manufacturers to understand and implement stronger security measures.

 

Talk to us about Internet of Things security


We want you to ask us difficult questions about protecting your devices and networks from malware and cybercriminals. We can’t afford to be complacent about our knowledge, because our clients depend on us keeping them up to date with current thinking. Your questions help us ensure we stay current on issues around this fast-moving subject.

If you would like to know more about how the security issues around the Internet of Things may impact your systems, data and processes, give us a call on 0808 168 9135 or email enquiries@itsupport365.co.uk. We would be pleased to have a no-obligation conversation with you.

Alternatively, you can follow us as we share news on Twitter, Facebook and LinkedIn.

There are huge rewards available for the first companies to embrace and adapt to the connected world presented by the Internet of Things. But there are also significant risks to firms that, in their haste to lead the way, neglect to be diligent about their digital security.