Suddenly, every device is smart. From home security products to televisions, thermostats and even kitchen appliances, manufacturers are marketing the idea of an always-connected lifestyle — the Internet of Things (IoT) — for all they’re worth. The problem? According to the FBI’s Internet Crime Complaint Center (IC3), the spread of Internet-capable devices “also increases the target space for malicious cyber actors.” But what do new attack vectors look like, and what steps can users take to defend their online interests?

An All-Out Attack

As noted by the IC3 warning, networked devices can now take almost any form. If they’re hacked, there could be serious consequences not just for digital data but the physical world, as well. At the least worrisome end of the scale are issues like those faced by smart-TV-maker Samsung: Earlier this year users discovered that the television’s voice recognition system would capture and transmit any spoken data to certain third parties, regardless of context, Newsweek explained. The company’s Smart TV privacy policy pulled no punches: “Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party.”

Next on the list are hacks to more sensitive technology like baby monitors. According to Fusion, a recent security test of nine different baby monitor models found that all came with significant security flaws. The biggest worry? That every camera came with a hidden or hard-coded account that consumers couldn’t change. Likely meant to serve as access for support or other admin functions, the practical effect is that attackers get an open door to almost any monitor on the market. It gets worse: As noted by Computerworld, researchers from the University of South Alabama recently hacked pacemakers and insulin pumps to kill robot mannequin “patients.” Bottom line? Compromised IoT devices are a big deal.

IoT Is a Popular Risk

Despite the emerging risks, however, many companies are still on the path to significant IoT adoption. A recent Datamation piece noted that 68 percent of IT pros are under pressure to adopt smart devices and other Internet-accessible technologies even if they’re not entirely secure. This is a scenario where the ends justify the means: Increased efficiency now is worth the challenge of network defense or data recovery later.

So where does this leave device users and security professionals? For the moment, they’re caught between a router and a network. New IoT devices offer real promise, but defensible software and hardware architecture simply isn’t part of the native design process just yet. According to the FBI, however, there are ways to reduce the possibility of an attack. First, companies are well-served by isolating IoT devices on protected networks, along with disabling the universal plug-and-play protocol on any routers. It’s also critical to change any default passwords and opt for devices made by manufacturers with a track record of solid security.

The best advice is to consider both need and potential solution: Is an Internet-connected device required or merely a novelty? In other words, is going IoT the ideal fit? In some cases, absolutely; but in others, choosing a proven, secure device over a flashier connected alternative is the best course of action.

The Internet of Things is enjoying rapid uptake among consumers and businesses alike. Not taking the time to curate and secure network-connected devices, however, may shift the terminology to the Internet of Threats.

More from

Increasingly Sophisticated Cyberattacks Target Healthcare

4 min read - It’s rare to see 100% agreement on a survey. But Porter Research found consensus from business leaders across the provider, payer and pharmaceutical/life sciences industries. Every single person agreed that “growing hacker sophistication” is the primary driver behind the increase in ransomware attacks. In response to the findings, the American Hospital Association told Porter Research, “Not only are cyber criminals more organized than they were in the past, but they are often more skilled and sophisticated.” Although not unanimous, the…

4 min read

Ransomware Renaissance 2023: The Definitive Guide to Stay Safer

2 min read - Ransomware is experiencing a renaissance in 2023, with some cybersecurity firms reporting over 400 attacks in the month of March alone. And it shouldn’t be a surprise: the 2023 X-Force Threat Intelligence Index found backdoor deployments — malware providing remote access — as the top attacker action in 2022, and aptly predicted 2022’s backdoor failures would become 2023’s ransomware crisis. Compounding the problem is the industrialization of the cybercrime ecosystem, enabling adversaries to complete more attacks, faster. Over the last…

2 min read

Machine Learning Applications in the Cybersecurity Space

3 min read - Machine learning is one of the hottest areas in data science. This subset of artificial intelligence allows a system to learn from data and make accurate predictions, identify anomalies or make recommendations using different techniques. Machine learning techniques extract information from vast amounts of data and transform it into valuable business knowledge. While most industries use these techniques, they are especially prominent in the finance, marketing, healthcare, retail and cybersecurity sectors. Machine learning can also address new cyber threats. There…

3 min read

HHS Releases Hospital Cyber Resiliency Landscape Analysis

4 min read - On April 17, 2023, The U.S. Department of Health and Human Services (HHS) 405(d) Program announced the release of its Hospital Cyber Resiliency Initiative Landscape Analysis. This landmark analysis reports on domestic hospitals’ current state of cybersecurity preparedness. The scope of the HHS study was limited to activities that protect access to patient care and safety and reduce the negative impact of cyber threats on clinical operations. Breaches of sensitive data were considered only if the breach had a direct…

4 min read