Technological advances continue to change the way we do business, opening doors to new possibilities and shaping the worldwide economy. But alongside the silver lining of quicker and easier working methods for companies has come an ominous cloud of threats from cyber criminals prepared to exploit every avenue available to them. MD at PAV i.t. Jason Fry explores the Internet of Things and offers his advice for tackling online fraud.
What are we dealing with?
The Internet of Things – or IoT as it is also known – may sound like a new concept but it has been around longer than you would think. The term applies to the myriad objects now available to us that can connect over the internet – smart TVs, heating systems and even fridges. In an office, this includes devices which are linked up via a company’s own internal network, such as printers, copiers, projectors, smart phones and tablets.
The term was first coined in the late 1990s but dates back as far as 1982 when a vending machine at an American university became the first internet-connected machine. Back then online crime was not at the threat level it is now, mainly because it was not worth cyber criminals’ time to hack into such rudimentary machines.
But with the rise of smart devices – and with our lives becoming ever more connected through them – the pickings for personal and company data are rich for criminals.
What is at risk?
As well as the risks posed to personal data, businesses must also be alert that sensitive and financial information stored on connected devices – including those that can be linked to a company’s own internal network – could be just as vulnerable to cyber attacks. IT research and advisory company Gartner has estimated a 30-fold increase in the number of IoT devices that will be installed in 2020 – excluding phones, tablets and PCs – meaning there will be even more potential avenues for criminals.
A device connected to the IoT can simply provide a way in for a hacker to then steal information and details, or use ransomware to encrypt data, leaving companies unable to acess their own systems. Often the only way out of this is to pay the criminal a ransom so they release your data.
Aside from collecting details, hackers have also shown how they can control connected devices – from cars to pacemakers and even guns – so it is imperative to have the best security possible to guard against such attacks.
How we can protect ourselves
Adopting the right technology is the first line of defence. A combination of specialist hardware and software can be used to close any potential gaps in security, but should be rigourously monitored to keep up-to-date with technological adavances. Having a team of security specialists on hand, who can put appropriate policies in place and constantly review them, will help minimise the risks.
In a business environment it is hugely important to have robust policies in place for shared devices, such as printers, copiers, franking machines and projectors but also employees’ own devices such as smart phones, which should be restricted to prevent security from being breached via unsolicited devices. This ensures employees know how to use equipment safely and which devices can be connected to internal networks so they are not inadvertently putting the company at risk. These policies can also outline the usage for such devices so misuse of them does not open them up to vulnerabilities, whilst encouraging best practice.
Keeping a close eye on IoT developments will also help in the race to stay one step ahead of the criminals – a process that goes hand in hand with having regular audits of your security systems to ensure they remain inpenetrable.
[su_box title=”About Jason Fry” style=”noise” box_color=”#336588″][short_info id=’89745′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.