Everything connected to the Internet is hackable and at risk. But there are some things connected to the Internet that you just don’t think of as risks to an organization. That is, until now. Darktrace has issued its report Darktrace Global Threat Report 2017 that discusses nine unusual cyber threat scenarios that show, among other things, just how vulnerable Internet of Things (IoT) devices really are and how they can put your organization at risk.
Take the example of the casino which connected an automatic fish feeding and fish tank temperature control system to the Internet. Like everything else digital, it was connected to its network. Little did the casino know that a vulnerability in the fish feeding contraption allowed hackers to attack the fish feeding system and then enable them to get into the casino’s network and navigate throughout its information system.
Or the smart drawing pad that an architect was using without the IT department knowing about it to send schematic drawings to others in the firm and clients. The smart drawing pad was connected to the office Wi-Fi without having changed the default login credentials that came with the pad, so easily accessible by unauthorized individuals. The incident caused “high unusual volumes of data being sent outside the network.”
When reviewing your network, any IoT devices connected to the network can be a point of vulnerability, even when it is as simple as an automatic fish feeding machine. As IoT devices become more popular, assessing the security of the IoT devices and how they are connected to the network are important considerations in managing cyber risk.