With a growing number of devices being connected to the Web, the breadth of the Internet of Things is increasing each day. However, cybercriminals have begun hacking connected devices. This makes endpoint protection strategies all the more important for every Web-connected devices.
According to CIO.com, the Internet of Things utilizes individual IP addresses for each connected device. Hackers are aware of these intricacies, as well as the fact that many of these devices are easy to identify and are “wide open to hacking.” All that cybercriminals have to do is utilize an automated program that scans for vulnerable IP addresses of Web-connected items. With a few lines of malicious code sent to the device, a hacker can take control and leverage the item for data leakage or another dangerous activity.
CIO.com stated that a range of appliances can be hacked from within the Internet of Things, including firewalls, wireless routers, servers and storage drives, surveillance cams, webcams, IP cameras, VoIP phone systems, FM radio transmitters, videoconferencing systems and climate-control appliances. Most often, Internet of Things-related items are utilized for fraudulent credit card transactions.
“We are seeing credit card transactions from baby monitors, DVRs, TVs, printers, medical devices, you name it,” said security expert Tommy Stiansen, according to the news source. “It’s coming from all types of industries and from homes.”
Baby monitor hack
Stiansen demonstrated the ease of hacking into these devices when endpoint protection software was not protecting them. Simply by clicking the IP address of an activated baby monitor, for example, he was able to access a live view of the owner’s living room. While attacks of this kind present an incredible invasion of privacy, Stiansen told CIO.com cyber attackers are utilizing them to locate other devices and control similar systems.
Furthermore, Ars Technica reported that hackers can also invade a baby monitor application that lets users remotely access the device to listen to those within earshot, which could lead to sensitive data leakage. For example, if a homeowner is ordering a pizza and providing payment information over the phone while near the baby monitor, a cybercriminal simply needs to listen for card information over the device.
Ars Technica said a lack of endpoint data protection on the application allows nearly anyone to access the monitor once they gain access to the network.
Users should implement security software on all vulnerable endpoints. As the Internet of Things continues to grow, the importance of such software increases as well.