Are Internet of Things Devices Safe to Use?

Internet of things, IOT, IoT Attacks, Ophtek, Security, , , ,
16
Apr 2019

The Internet of Things (IoT) has revolutionized the way we connect and interact with physical devices, but is this new technology as secure as it should be?

Clearly, with around 26 billion associated devices estimated to be in use during 2019, the IoT needs to be secure due to the amount of data being transmitted. However, as the IoT is a relatively recent phenomenon, it’s no surprise that so many headlines are warning against the dangers of this technology. Naturally, this kind of scenario can cause concern for organizations that are looking to get on board with the numerous IoT benefits on offer, but should you really be worried about the security risk?

What is the Internet of Things?

The basic premise of the IoT is a lot simpler than you would imagine: using internet connections, physical devices can communicate with one another while also being remotely controlled and maintained. So, for example, if you want to control the lighting in your office, you could use a remote application to adjust the lighting from, if necessary, from anywhere in the world. And all you need is an active internet connection for the app to connect to the device.

What are the Safety Risks of IoT Devices?

As we’ve mentioned, there are certain dangers attributed to IoT devices that can seriously threaten the security of your devices and any data transmitted by them. Some of the more pressing risks include:

  • Default Login Credentials: Many IoT devices are sent out with default login credentials, so this means that the username and password details will be exactly the same for every single one of those devices sold. And it doesn’t take long for hackers to begin sharing details of this vulnerability with their fellow hackers. Accordingly, changing default login credentials to a more unique configuration should be the first thing you do before connecting such a device to your networks.
  • Unnecessary Features: Sometimes, IoT devices are packed with a wide range of features that are completely unnecessary for your organization’s needs. The most common example of this is the option of remote access which, for many in-house IoT devices, simply isn’t necessary as all it does is open up a pathway to your network for hackers. Therefore, make sure that only the most relevant features are activated on your IoT devices.
  • Patching IoT Devices is Difficult: Due to the wide variety of manufacturers making IoT devices, many of these companies simply don’t have the technical knowledge to release regular and effective patches. And this represents a major security risk due to the constant efforts of hackers to exploit security vulnerabilities. In these instances, the best way to prevent a breach is to monitor these less secure devices for any unusual network activity. This approach should, at least, indicate if there is a potential security breach in progress. 

Final Thoughts

Although there are a number of very real security risks associated with integrating IoT devices into your organization’s IT network, these don’t have to convert into a major security breach. Instead, these risks can be significantly reduced by following the advice listed above which will protect your network and keep all your IoT devices interacting with it seamlessly.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

How to Introduce the IoT into Your Organization

Internet of things, IOT, IT Best Practices, IT Plan, ,
21
Aug 2018

 

There’s a good chance that the benefits of the Internet of Things (IoT) could make a huge difference to your organization, but how do you get started?

With around 30 billion IoT connected devices due to be in use by 2020, the IoT is clearly here to stay and the benefits in business are immense. Improved communication, enhanced automation and increased productivity are just a few of the benefits on offer. And, if you’re in business, then you’ll know that these benefits alone are crucial.

However, the IoT world is still relatively new and many organizations are apprehensive when it comes to introducing it to the workplace. Rather than leaving you adrift as your competitors surge forward, we’ve put together some tips on how to introduce the IoT into your organization.

Meet with IT Professionals and Create a Plan

The IoT may seem fairly straightforward in terms of how all the various devices connect, but the truth is that the IoT can be highly complex. Therefore, you need to speak to IT professionals. With their years of expertise in IT innovation, they will be able to recommend the correct technology and how you can begin to implement this into your existing IT network. Otherwise, you will never experience the full range of benefits that IoT can provide.

Understand Why You Need the IoT

If you want to embrace the IoT then you need to understand what it can do for your organization. There are, as previously stated, many benefits on offer from adopting the IoT into your operations, but not all of them will apply to your needs. And that’s why you need to identify the key problems within your business that the IoT can solve. Perhaps it’s increased productivity, perhaps it’s enhanced data processing. Either way, in order to implement the IoT correctly, you have to understand these problems from the very start.

What Can Your Current Setup Provide?

Introducing the IoT doesn’t mean that you have to start from scratch when it comes to your existing IT infrastructure. Many business owners, however, worry that the costs will spiral out of control, but this couldn’t be further from the truth. Sure, there may be the need for certain upgrades to be made to accommodate IoT technology, but plenty of your existing technology will be able to provide a seamless transition. Carrying out a full analysis of your equipment and understanding its capabilities will allow you to identify the areas which need updating.

Establishing Good Staff Training

As with any new form of technology, the IoT will require a certain level of training for your staff. Their existing knowledge of the IoT and the level of interaction they will have with the IoT in your organization will vary, but training is essential. This can be offered either in-house or by external training courses that specialize in training in IoT practices. Once your staff has received the relevant level of IoT training required you’ll find that the integration process is as hassle free as it can be.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

The Best Ways to Use the Internet of Things in Business

Internet of things, IOT, Productivity, , ,
26
Jun 2018

The Internet of Things (IoT) has revolutionized the way we do business thanks to the accessibility on offer, but are you getting the best out of it?

More and more organizations are using IoT devices to help improve their business operations and it’s estimated that around 31 billion IoT devices will be in use by 2020. The aim of these IoT devices, in business, is to maximize productivity and help organizations deliver fantastic customer experiences. Understanding how they can achieve these objectives, however, isn’t as simple as just plugging the devices in and letting them get to work.

To help you appreciate which areas of your business they can improve, we’ve put together a list of the best ways to use the IoT in business.

Analytics

Due to the vast range of IoT devices now available, it’s possible for businesses to measure and analyze almost anything you can imagine. Say, for example, you want to understand the usage of forklift trucks in your warehouse. Sure, you could ask people in the warehouse for anecdotal evidence, but this would only be a rough estimate. If, however, you have an IoT sensor which measures movement, you can calculate some seriously precise data. And, with this data, you can then analyze it more closely and determine much more effective solutions for improving your forklift usage.

Understand Your Customers

Many IoT devices allow you to monitor the behavior of your customers and this gives you a significant edge in understanding their preferences. By collecting based on your customers’ usage of your products, you can begin to build a list of insights which detail their exact needs of your customers. This gives you the opportunity to enhance your products and make them much more beneficial to your customers in future. Accordingly, customers are more likely to stay loyal due to the enhanced experience.

Asset Management

Tracking and maintaining assets has always been a difficult task for businesses, but the IoT has opened up new opportunities that promise to make it easier than ever before. Temperature monitoring devices, for example, can be installed into refrigerators and data then transmitted to an online portal. This can provide immediate and instant reference data all in one place so, if you work in a store with numerous refrigerators, you can immediate see how they are performing without having to go and check each individual unit.

Enhance Your Supply Chain

A good supply chain is crucial for good business and the IoT can deliver some amazing benefits for your supply chain. The IoT allows constant updates to be logged regarding your supply chain and this ensures excellent visibility for stock and products. Delays on parts and other stock issues can be identified exceptionally quickly and this means that these problems can be solved and improved just as quickly. With a more efficient supply chain in place, you’ll also be able to deliver a much better customer experience.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Hide ‘N Seek Botnet Threatens the Internet of Things

Cyber Attack, Hacking, Internet of things, IOT, malware, Password Security, Security, Security Threats, , ,
08
Mar 2018

The Internet of Things (IoT) has a new security threat and this time it uses peer-to-peer communication to spread, infect and compromise devices.

In January 2018, security researchers working for Bit-defender discovered a new botnet which, although not related, has similarities to the Reaper botnet. Originally infecting just 12 IoT devices, the Hide ‘N Seek botnet had soon amassed over 32,000 IoT devices by the end of the month. With the ability to steal data, take control of the device and run malicious code, Hide ‘N Seek represents a serious threat.

Understanding new and emerging threats to IoT devices is crucial if you want to protect your organization’s network, so it’s time to investigate Hide ‘N Seek a little closer.

Hide ‘N Seek is No Game

A brand of IP camera manufactured in South Korea appears to be the initial infection source for Hide ‘N Seek, but the botnet is actively attacking other IoT devices. Using randomly generated IP addresses, Hide ‘N Seek attempts to connect to any devices listed against these addresses. If the botnet succeeds in connecting then it either uses default login/password combinations to gain access or performs a brute force attack using a dictionary list to crack the login credentials.

With access obtained, Hide ‘N Seek analyses the device to discover any potential vulnerabilities such as the ability to download malware or launch DDoS attacks. The remote botnet hacker also has the option of executing any command they wish on the infected device; this option provides them with the chance to steal any files they wish. The capabilities of Hide ‘N Seek are clearly advanced and innovative, but what’s even cleverer is that it appears to be constantly redesigning itself to minimize detection.

Communication between the infected devices is made possible by the peer-to-peer network at the heart of Hide ‘N Seek. Using peer-to-peer software for hacking is nothing new, but previous methods have always involved modifying existing torrent software. Hide ‘N Seek is taking hacking to a new level by using completely custom built peer-to-peer software which has no central command unit; therefore, closing this network down is virtually impossible.

Combating Hide ‘N Seek

The advanced design of Hide ‘N Seek is proof that it’s the work of highly skilled hackers, but, once again, the vulnerability being exploited is the use of default passwords. Let’s face it, giving a hacker a key to a locked door is the worst form of security you can imagine, but this is exactly what default passwords are. And this is why password security remains the number one priority for any devices within your network, whether they’re connected to the IoT or otherwise.

By changing these default passwords while devices are on isolated networks, your organization can seriously increase the strength of their defenses. Otherwise, you’re leaving your networks at the mercy of malicious botnets such as Hide ‘N Seek. And, believe me, just as Reaper wasn’t the last IoT botnet, neither will Hide ‘N Seek be the final word in hacking in this new IoT landscape.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Hacking the Internet of Things For a Few Dollars

Company Updates, Cyber Attack, Hacking, Internet of things, IOT, Security, Security Threats, , , , ,
06
Mar 2018

The Internet of Things (IoT) has many security concerns, but perhaps one of the most pressing worries is that IoT devices can be easily hacked for just a few dollars.

A group of elite hackers have recently demonstrated the ease with which a hardware hack can be unleashed to take control of IoT devices. All they require to carry out the hack is an SD card reader, the ability to solder and a length of wire – all in all, this should come to around $10. And once they’ve taken control of the device they can not only exploit any data on there, but also use it as a stepping stone to get further into the network it’s on.

With the number of IoT devices expected to hit the 20 billion mark by 2020, the risk of attacks on these devices is only going to get greater and greater. And, for a business, where nearly every employee will have access to an IoT device, perhaps it’s time to get acquainted with this low cost and easy to deploy attack.

Hacking on a Budget

The hack in question is a flash memory attack and, as such, targets IoT devices which have a flash memory – in particular a form of memory known as eMMC flash. It’s likely that you’ve never heard of eMMC flash, but it’s built into a wide range of devices such as smart TVs, cell phones, tablets and even refrigerators. Just think about how many of those devices are in your organization and connected to your network – that’s right, it’s pretty scary. What, though, is this $10 hack?

Well, the hackers – who go under the group name of exploitee.rs – have revealed that they can gain read/write access to devices by taking a flash memory card and soldering wires to five specific places:

  1. Data line
  2. Clock line
  3. Command line
  4. Power line
  5. Ground

This access allows the hackers to start stealing data and to issue commands to the device before taking complete control of it. Once the flash memory card in question is put into an SD card reader, it can then be connected to a PC to glean complete copies of that device’s data inventory. And it’s at this point that the hackers are able to identify zero-day vulnerabilities in the device, vulnerabilities which can be applied to that specific device and any other unit of the same product.

With this information to hand, the hackers are then empowered to launch remote attacks against said device and, potentially, use these infiltrated devices to gain access to the networks they’re connected to. And all of this is possible because hardware manufacturers fail to secure flash memory on their devices, they’re only concerned with creating a front line defense with nothing behind it.

Managing IoT Security Concerns

Hardware manufacturers are slightly off the pace as demonstrated by this budget hack, so for the consumer it’s particularly troubling. As ever, the best advice is to install patches and firmware upgrades as soon as possible. However, when a hardware vulnerability is found it means that it has the potential to leave huge numbers of the same devices – if not all of them – at the risk of being hacked. Therefore, identifying the form of flash memory present in devices may become a major buying point for consumers.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 2 3 4