Effective April 1, 2019, the AmTrust Workplace website for your Employment Practices Liability (EPLI) coverage written with your Package, BOP or Workers' Compensation policies is being updated to a new name, AmTrust Employment Risk Solutions, and a new URL, AmTrust.EmploymentRiskSolutions.com. Your existing user credentials will remain in effect and can be used to log in to the new site. Please contact The McCalmon Group, Inc., platform administrators, 888-712-7667, if you have any trouble with registration.
AmTrust Workplace
print   email   Share

Are Your IoT Devices Vulnerable To Attack?

May 31, 2018

A relatively new, but highly favored, target for hackers is Internet of Things (IoT) devices. This is evidenced by the large number of cyberattacks against retail point-of-sale (PoS) machines in recent years.

A study conducted by HP found that 70 percent of common IoT devices on the market today are susceptible to a cyberattack. Each device, on average, has 25 software vulnerabilities.

The 2018 SonicWall Cyber Threat Report states, regarding IoT devices, "These potential vectors for cyber attack are grossly overlooked and unsecured." Michael Keller "Devices on a network's edge are favourite targets of hackers," itworldcanada.com (Apr. 30, 2018).


Commentary

Any device connected to the office network - whether a printer, smart thermostat, or videoconferencing device - can be hacked.

If cybercriminals breach these devices, they can access information on other network-connected computers and devices or infect them with malware or ransomware to shut down operations. Hackers target these IoT devices because they are generally not as well-protected as computers.

The security advisor for HP Print recommends that employees who purchase IoT devices for their organization ask manufacturers what security measures they built into the devices and how security can be updated throughout the life of the devices. Purchasers should do this not only for computers and smartphones, but also projectors, monitors, or any other network-connected device, even if the device itself does not store sensitive information.

Always change the default password on IoT devices. Default passwords are easy to guess and are generally the first ones tried by hackers. Plus, a password may be all that protects the device from hackers because many devices lack sufficient security software. Use a unique, strong password for each device, one that is at least 10 digits long, using a combination of numbers, letters, and symbols. 

When a smart device does not need to be connected to the network, disable it. Keep software on IoT devices updated with the latest patch, just as you would with computer software. Finally, turn off “universal plug and play” (UPnP) because this feature makes it easier for hackers to find and access IoT devices.

Include IoT and network security in your annual cybersecurity training for employees. Do not allow employees to connect personal IoT devices to the organization’s network.

Finally, your opinion is important to us. Please complete the opinion survey:

Are you a new user?

Register Here

 

Retrieve Password

Recent News

Fighting Cybercrime Starts With Addressing Employee Cyber Negligence

New statistics show the risks associated with employee negligence and cybercrime. We provide the data and provide some best practice steps. Read More

Protecting Privileged Credentials: An Essential Step In Cybersecurity

Organizations must take measures to prevent privileged access credential abuse, the leading cause of data breaches. Read ways to protect these valuable credentials. Read More

Knowing The Risk, Why Do You Continue To Reuse Your Password?

Although they know better, most people still fail to use unique passwords for their online work and personal accounts. Learn ways to create passwords that are harder to decipher, but that you will remember. Read More

Recent Articles

The Customer Is Not Always Right: Using Investigations To Prevent Third Party Harassment

The EEOC alleges sexual harassment and retaliation in its lawsuit against a restaurant. Leslie Zieren discusses ways to avoid this common, costly litigation risk. Read More

False Accusations And Defamation: The Risks When Employees Are Accused Of A Crime

An employee wrongfully accused of theft sues his employer and gets a multi-million-dollar award. Following an internal investigative process can help you avoid similar risk. Read More

Conspiracies To Commit Fraud: Steps To Counter

Financial losses following securities fraud can be substantial. Learn how to reduce the risk of securities fraud in your organization. Read More