In the News

Researchers set up a tempting honeypot to monitor how cyber criminals would exploit it. Then it came under attack.
Security is the Achilles Heel of IoT, and IoT may be the Achille’s heel of today’s enterprise networks.

Those are the conclusions of two recent industry surveys, which are sounding the alarm over the vulnerability of IoT devices to tampering, hacking or other incidents.
Forty-four percent of small business owners say they plan to invest in resources related to the Internet of Things, according to the Q1 2020 CNBC/SurveyMonkey Small Business Survey.

Yet only 20% of respondents say they plan to invest in cybersecurity software.

Experts say small businesses that lack a serious component of cybersecurity are taking a big risk.
Researchers warn that there's more and more unauthorised connected devices on corporate networks - and that they could provide easy pickings for cyber criminals.
According to a survey conducted by Extreme Networks in 2019, seven in 10 organizations have reported either a successful or attempted hack to their systems via their Internet of Things (IoT) devices. Extreme Networks recently released the results of a survey that examined the view of 540 IT professionals on network security. The report revealed that organizations lack confidence in their network security and underestimate insider threats.
More than 2,300 building access systems can be hijacked due to a severe vulnerability left without a fix.

Hackers are actively searching the internet and hijacking smart door/building access control systems, which they are using to launch DDoS attacks, according to firewall company SonicWall.
Employees are bringing their own Internet of Things connected devices to the workplace and could be putting organizations at risk from cyberattacks because enterprise security teams aren't always aware that these devices are connected to the network.
According to researchers at Netlab 360, a new botnet is actively spreading its network using unpatched Wi-Fi routers such as D-Link, Huawei, Netgear, called as Mozi, it’s using telnet to exploit systems with weak passwords and adds every device into its network with a final goal of performing DDoS attack.
The Internet of Things (IoT) is driving transformational change in IT infrastructures. Connecting everything — printers, medical devices, cameras, industrial devices, door locks, cars, etc. — to the network, the cloud or both is creating a vast, porous security perimeter.
From smart thermostats, which can change the temperature remotely, to intelligent lighting, controlled and adjusted from almost any smart phone or internet connected device, the addition of smart technology within a building creates an array of new access points from IoT devices. This ultimately means that when offices turn their workplaces into smart buildings, attackers have an even larger range of entry points to gain access to organizations’ networks.
You probably know by now about rampant insecurity in Internet of Things devices. You've likely even heard about vulnerabilities in desk phones specifically. Security research into the devices—and the potential for hackers to take them over, turn them into listening devices, or use them as jumping off points to take over corporate networks—has been going on for years. But even in security it seems that no good deed goes unpunished.
Security vulnerabilities in popular internet-connected digital cameras could allow hackers to infect them with ransomware, rendering the devices useless, or deploy other forms of malware which could potentially turn a camera into a gateway for infecting larger networks.
Most IoT cyberattacks result in downtime, compromised data, end-user safety, brand or reputational damage, or a loss of intellectual property, according to a new Irdeto report.
Cyberattacks on IoT devices surged 300% this year. Over 2.9 billion events were observed by one security provider’s global network of honeypots in first half of 2019. It was the first time the provider had ever measured billions of attacks occurring over a 6-month period.
Researchers Say Mirai Derivatives and EternalBlue Exploits Pummel Internet-Connected Devices
Hackers are a resourceful bunch, and they'll look for any weakness that can be exploited to break in to a computer network. Once they're in, they'll use any available method to get the data they discover out.