Internet of Things or Internet of Risks?20 May 2016
Most cybercriminals are looking for one of two commodities—cash or data. Both can be inappropriately exposed through a connected device—part of the Internet of Things.
Experts from Kaspersky Labs have warned that any device connected to the internet contains at least one vulnerability that can be exploited.
Sometimes this weakness is simply the result of lax attention to security, such as leaving a password on the factory setting. Other flaws are more fundamental, built into the software used by the device. In one test, a web-enabled coffee machine was found to be broadcasting enough data to allow a hacker to break into a corporate IT network.
The hacks are not always performed digitally. In another Kaspersky experiment, a digital home security system could be fooled by someone using a magnet near a window lock.
While it may seem unlikely that someone would attempt to break into your Fitbit using Bluetooth wireless, or wave a magnet outside your window, these vulnerabilities exist. Once discovered, news about them travels fast among the cybercriminal community.
Once they’ve found a way into your computer via an insecure device, hackers are likely to install malware to harvest cash or data. It could be ransomware that locks you out of your network until you pay up, or code that captures your bank logins or sucks valuable data, such as customer details, out of your databases.
These are some of the web-enabled ‘things’ that have been shown to be vulnerable:
• Baby monitors
• Children’s toys
• Heart pacemakers
• An electricity network serving thousands of homes
As more and more day-to-day objects become connected to the internet, so the risks from cybercriminals increase.
If every web-connected device presents a risk, how can you defend your home and business networks from being attacked?
There’s no easy answer, but here are some suggestions:
• Never leave device passwords on default settings.
• Keep software up to date on all devices.
• Be careful when positioning devices that collect sensitive data, such as cameras.
• Make everyone with capability to connect devices to your networks aware of the risks.
Don’t be afraid to pose questions about security to the suppliers you’re thinking of buying from, or have already bought from. Customer demand for better protection will help drive manufacturers to understand and implement stronger security measures.
We want you to ask us difficult questions about protecting your devices and networks from malware and cybercriminals. We can’t afford to be complacent about our knowledge, because our clients depend on us keeping them up to date with current thinking. Your questions help us ensure we stay current on issues around this fast-moving subject.
If you would like to know more about how the security issues around the Internet of Things may impact your systems, data and processes, give us a call on 0808 168 9135 or email firstname.lastname@example.org. We would be pleased to have a no-obligation conversation with you.
Alternatively, you can follow us as we share news on Twitter, Facebook and LinkedIn.
There are huge rewards available for the first companies to embrace and adapt to the connected world presented by the Internet of Things. But there are also significant risks to firms that, in their haste to lead the way, neglect to be diligent about their digital security.