How secure is the smart-connected IoT world?

This blog post is brought to you by the Police Digital Security Centre (PDSC), a not-for-profit organisation, owned by the police, that works across the UK in partnership with industry, government, academia and law enforcement.

Do you know how many IoT (Internet of Things)smart-connected devices you have in or around your premises?

Have you changed the default passwords on your camera, sound system, TV, refrigerator, coffee machines, lighting systems, alarm, CCTV, conference facilities……?

More importantly, would you be able to spot a hacker?

Of course, you can. He’s the suspicious guy in the hoody, scruffy jeans and trainers and wearing sunglasses with his head down feverishly typing on his laptop! Joking aside, it could be anyone inside or outside your premises.

Is wireless vulnerable and should I be worried?

It’s really a combination of design and opportunity. Many wireless devices are built with convenience, not security, in mind, so they often have vulnerable interfaces, unprotected storage, hardcoded backdoors, unencrypted communications and insecure pairing procedures that can be exploited by hackers. The guy with the hoody!

They also typically communicate over the “air”, via open hotspots, unmanaged or public wireless networks, and peer-to-peer (P2P) wireless connections, so they are completely invisible to your traditional enterprise management and security systems.

All that is needed to attack a wireless network from a bench, a van located outside your premises, or from an office nearby, is a £200 attack device easily concealed in a backpack. Wireless attackers use “off the shelf” toolkits and devices to scout and attack the airspace, and no special skills are required. Attacks like Karma, Evil Twin, or Wireless De-auth can be highly effective in disrupting businesses, data theft, harvesting customer credentials and even deploying ransomware.

You are probably concerned. Rightly so!

To learn more and how to protect yourself from wireless-borne attacks click here

Sharing cyber security advice, education and raising awareness is the most effective way of reducing the vulnerability of small businesses to the most common types of cyber crime. It only takes a few simple steps to protect your organisation. 

All our advice and guidance is consistent with the National Cyber Security Centre (NCSC)

*We strive to do our best when supporting small business and their growth. Our business databases can give you information and data that can help you with advertising, market research, company information, and industry factsheets. If you ave already taken the plunge, we would love for you to join us at a seminar, our workshops cover digital marketing, business model canvas and planning, demystifying taxes and intellectual property to name a few. Visit our events page or website for more information.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s