Without proper security controls, compromising an IoT device is easy work for hackers, giving them access to potentially more than just the device. Let's make it harder for them in 2019!
We live in a world where people want to be more connected to the things they care about, have more control, and do so anytime, anywhere. It’s the reason why IoT devices like Nest cameras have become popular among consumers and small businesses.
But recent stories around the hacking of such devices highlights the need to ensure they are secure:
In one case, a family’s Nest camera used to monitor their baby was hacked, with the hacker scaring the family by stating he was in the room and was planning to kidnap their baby.
In another, a white hat hacker compromised a Nest camera and spoke to the camera’s owner warning him about how insecure the device was.
While the two examples are relatively benign, we have seen at least one story in the news of a casino data being breach occurring through a temperature control device for a fishtank. And with many smaller IT departments relying on easy-to-implement and manage security cameras, these Internet-accessible devices are the perfect entry point for external attackers looking for a way in.
When connecting these devices – both at home and in the workplace – consider the following guidance:
The reuse of passwords is not uncommon – according to LastPass’ 2018 State of the Password report, half of all employees reuse passwords across both home and work accounts. This puts the organization at risk. Users need to be educated using Security Awareness Training on proper password etiquette, password reuse, how to create secure passwords, and more.
We’re only going to see more IoT devices in the workplace and at home. Now is a good time to be thinking about properly securing these devices – regardless of where they are used - to ultimately ensure the security of the organization’s network and data.