With so many Internet of Things (IoT) devices coming online, keeping them all up to date can be an overwhelming task. The reality is that every single Internet enabled device can be vulnerable to the same types of attacks that a computer or cell phone would be. Furthermore, they can work as a doorway into the rest of your network. With that in mind, here are 5 devices that you probably didn’t know you need to update.
1. Baby and Security Cameras
Many of the popular webcams used still run with the default passwords. Some even use simple open source software that hasn’t been updated in years. Because of this, they become easily exploitable as the attackers learn of those default passwords or backdoors. Just a few years back there were plenty of new stories about baby cameras being available to watch online without families knowing they were publicly available.
2. Smart TVs
When new TVs are manufactured they have to be able to play Netflix, YouTube, Amazon Prime, and more. Because of the rapid pace of deployment, software and security are usually an after thought if even a thought at all. Many manufacturers have deployed poor software that’s allowed built-in video cameras to be used for spying. In other cases, annoying pranks like changing channels, upping the volume, and generally controlling the TV can take place. Stick with a vendor that regularly updates the software.
Even with documents going digital, all-in-one printer and scanner units are more web enabled with integrations to Google, Dropbox, OneDrive, and more. When those printers get attacked and documents start landing in the wrong accounts or web portals big time data breach exposure is possible.
4. Smart Speakers
At the Defcon hacker conference, white-hat attackers showed a proof of concept on how they could exploit an Amazon Alexa controlled device to take it over and control the Amazon account. Amazon quickly fixed that issue after it was revealed. However, this clearly shows that all Internet controlled devices are targets.
5. Door Controllers
Those really slick door access systems for getting in and out of your business or home typically tie back to an app. They’re also usually running a small computer based on something like Linux. When these aren’t updated, they risk becoming part of a large IoT botnet. Software backdoors on access control systems are notorious for being left to run as is but also run extra software that could be used for mining bitcoin, being rented for large enterprise attacks, or to spread malware to targets.
The Internet is a marvel and allows for so many conveniences. It’s just important for both your business and home that you don’t let your guard down just because of things appearing “easy”. For your business, make sure those security updates are applied on a regular, proactive basis. Furthermore, make sure someone is actually monitoring the network for vulnerabilities just like those mentioned above. If you need help, reach out to our team at Blue Collar Computing. We’re always happy to discuss solutions!