Internet of Things poses hacking risks

The Internet of Things (IoT) is here to stay. In fact, there are there are currently eight billion IoT devices on this planet, says security consultant Jim Stickley, with that number expected to rise 20 billion by 2020. By comparison, he says there are roughly one billion personal computers (PC) and eight billion mobile devices […]

The Internet of Things (IoT) is here to stay. In fact, there are there are currently eight billion IoT devices on this planet, says security consultant Jim Stickley, with that number expected to rise 20 billion by 2020. By comparison, he says there are roughly one billion personal computers (PC) and eight billion mobile devices active today.

What’s more, many IoT devices are developed with web servers built into them, Stickley says, making them more vulnerable to attack.

Stickley demonstrated to conference attendees how he accessed a bank’s network (as the bank’s client) through a security camera using social engineering and redirect malware.

Stickley says the IoT is dangerous for companies because it exposes so many devices to the network. “As a hacker, I just want to get on the network,” he says. “If I just get on the network, everything will unfold for itself.”

He then showed the audience how he could lure a someone browsing the Internet to a malicious website and capture a network IP address.

“This just opens my eyes to just how big of a risk the Internet of Things can be,” he says.

Stickley says the biggest threat from the IoT isn’t necessarily companies such as Amazon and Google, which sell devices that connect to the Internet, but the endless stream of small companies that sell devices.

“Those devices are only as secure as the companies behind them,” Stickley says. “There are no regulations behind this stuff. It’s just chaos.”

Ultimately, education and awareness are the best defense against these threats, he says because as with most security issues it takes just a single human error to bypass any security system.

He offers three pieces of advice to avoid potential threats:

  1. Keep up with firmware updates.
  2. Never trust phone numbers that pop up on screen. Use only phone number provided by vendors.
  3. Be cautious of website that don’t stop loading.

“You’re going to have these devices on your network, so you’re better off planning for it now, and figuring out ways to segment them,” Stickley says.

Written by
admin
View all articles

About Us

The League of Southeastern Credit Unions & Affiliates represents 342 credit unions in Alabama, Florida and Georgia, with a combined total of $118.63 billion in assets and more than 10.1 million members. LSCU & Affiliates provides legislative and regulatory advocacy; education and training; cooperative initiatives (including financial education outreach); public messaging; information services; and business solutions.

LSCU Mission Statement

To create an environment that enables credit unions to grow and succeed.

LSCU Vision Statement

To be the trusted advocate and preferred source of information for credit unions.

If you need to reach us, e-mail communications@lscu.coop

Social Channels

Follow us on all major social media platforms.