Internet of Things poses hacking risks

The Internet of Things (IoT) is here to stay. In fact, there are there are currently eight billion IoT devices on this planet, says security consultant Jim Stickley, with that number expected to rise 20 billion by 2020. By comparison, he says there are roughly one billion personal computers (PC) and eight billion mobile devices […]

The Internet of Things (IoT) is here to stay. In fact, there are there are currently eight billion IoT devices on this planet, says security consultant Jim Stickley, with that number expected to rise 20 billion by 2020. By comparison, he says there are roughly one billion personal computers (PC) and eight billion mobile devices active today.

What’s more, many IoT devices are developed with web servers built into them, Stickley says, making them more vulnerable to attack.

Stickley demonstrated to conference attendees how he accessed a bank’s network (as the bank’s client) through a security camera using social engineering and redirect malware.

Stickley says the IoT is dangerous for companies because it exposes so many devices to the network. “As a hacker, I just want to get on the network,” he says. “If I just get on the network, everything will unfold for itself.”

He then showed the audience how he could lure a someone browsing the Internet to a malicious website and capture a network IP address.

“This just opens my eyes to just how big of a risk the Internet of Things can be,” he says.

Stickley says the biggest threat from the IoT isn’t necessarily companies such as Amazon and Google, which sell devices that connect to the Internet, but the endless stream of small companies that sell devices.

“Those devices are only as secure as the companies behind them,” Stickley says. “There are no regulations behind this stuff. It’s just chaos.”

Ultimately, education and awareness are the best defense against these threats, he says because as with most security issues it takes just a single human error to bypass any security system.

He offers three pieces of advice to avoid potential threats:

  1. Keep up with firmware updates.
  2. Never trust phone numbers that pop up on screen. Use only phone number provided by vendors.
  3. Be cautious of website that don’t stop loading.

“You’re going to have these devices on your network, so you’re better off planning for it now, and figuring out ways to segment them,” Stickley says.

Written by
admin
View all articles

About Us

The League of Southeastern Credit Unions & Affiliates represents nearly 300 credit unions throughout Alabama, Florida, and Georgia. It has a combined total of almost $200 billion in assets and 12.4 million members. LSCU provides advocacy, compliance services, education and training, cooperative initiatives, and communications.

Social Channels

Follow us on all major social media platforms.