Telling the truth about SME life today

Dont fall foul of the connected world of business

The Internet of Things is a phrase that is bandied around a lot at the moment and in a nutshell, it is when a multitude of devices all talk a common language over the Internet connections. The positive effects of this are clear. Suddenly, we are able to control our gadgets remotely, and gain additional services from them that enhance our lives and businesses. The downside is that connected devices have already been exploited, causing concerns about security and privacy. Worse still is that within businesses, when data is particularly sensitive the implications of a breach can be catastrophic.

In the workplace, everything from security cameras, Internet routers and industrial control systems are just a few examples of gadgets that are vulnerable. Common threats that we have seen pose a risk to these types of devices recently are worms that can attack the Linux operating system. 

For example, the Darlloz Linux worm is one that has been created specifically to exploit the Internet of Things. This threat is able to infect devices such as routers, cameras, and entertainment systems. Although the recent reports of a refrigerator sending spam were unfounded according to our research, such attacks using the Internet of Things are possible and more likely in the future. 

Danger of the unknown

What is particularly worrisome about these kinds of threat is that, in many instances, the end-user may have no idea that their device is running an operating system that could be attacked. The software is, by and large, hidden away on the device. Another potential issue is that some vendors dont supply updates, either because of hardware limitations or outdated technology, such as an inability to run newer versions of the software. 

For those interested in discovering your connected devices and looking at ways of gaining access to them or infecting them with malware, the tools of the trade arent difficult to find. The search engine Shodun enables people to search for a range of Internet-enabled devices. Everything from cars, building heating control systems to water treatment plants are searchable. If a device is simply found using Shodan, it does not mean a device is vulnerable. However, services such as Shodan do make it easier for devices to be discovered if attackers know of vulnerabilities in them.

There are more connected devices than ever before, which is great because they enable us to work smarter and have access to a greater amount of control and convenience. Wifi chipsets are cheaper to produce, an updated version of Internet Protocol that enables devices to communicate (IPv4) is being adopted, and a new Internet of Things friendly version of Bluetooth are combining to ensure that this level of connectivity remains prominent. And so whether you run or work at a small or medium company, or even within at home, youll see these devices becoming commonplace. 

Take action

The response to potential threats shouldnt be panic, it should be preparedness. There are some simple steps to take to secure your business network and ensure your devices dont introduce a host of vulnerabilities.

  1. Perform an audit of what devices you own. Just because a device doesnt possess a screen or a keyboard, doesnt mean that it isnt vulnerable to attacks;
  2. If something you own is connected to your business network, there is a possibility that it is accessible over the Internet and thus needs to be secured;
  3. Pay attention to the security settings on any device you purchase. If it is remotely accessible, disable this feature if it isnt needed;
  4. Change any default passwords to something that is only known by the administrator of your office network. Dont use common or easily guessable passwords such as 123456″ or password . A long combination of letters, numbers and symbols will generate a strong password; and
  5. Regularly check the manufacturers website to see if there are updates to the devices software. If security vulnerabilities are discovered, manufacturers will often patch them in new updates to the software.

Dick OBrien, Senior Information Developer at Symantec.

Image source

Trending

Topic

Related Stories

More From

Trending

If you enjoyed this article,
why not join our newsletter?

We promise only quality content, tailored to suit what our readers like to see!