If you own or run a business you should be aware of the need to protect your machines and networks from hackers. But what happens when hackers target your door locks, CCTV security cameras or smoke detectors?
The way we live and the way we do business is being transformed by the Internet of Things (IoT) – devices which connect to one another to collect or send data over the Internet.
IoT is set to treble the number of devices connected to the internet by 2020. But, by connecting more devices to a network, we are introducing new vulnerabilities for hackers to exploit, generate a lot of traffic and cause major damage.
What is an IoT attack?
In October 2016 hackers installed a virus into hundreds of thousands of wireless routers, printers and CCTV cameras which allowed them to drive colossal amounts of web traffic to Dyn – a technology company that provides DNS and other internet services. The attack flooded the company with extra traffic and caused the websites of its customers, including Twitter, Spotify, and Reddit, to go offline.
This is why IoT is also seen as a growing threat to small and medium sized business. As more businesses start to adopt IoT technology, the more un-secure devices become available to be recruited into ‘Zombie Armies’.
All hackers have to do is install a bit of software, known as a ‘botnet’, onto your device and leave it dormant in the background. They can then sell (or buy) access to your infected devices and use you to carry out larger DDoS attacks against governments, critical infrastructure, media or financial institutions.
How can you protect your business devices?
Worryingly, experts believe the Dyn attack was the start of things to come. Consulting firm Deloitte Global predicts that DDoS attacks exploiting the Internet of Things “will become larger in scale, harder to mitigate and more frequent” in 2017.
SMBs should be on the look out. Whether your business is the target of a DDoS attack, or your business devices are used to carry out an attack, the fall out can have a devastating impact on your critical business operations. An attack can disrupt your customer’s experience and damage your reputation. Furthermore, businesses affected by a cyber attack of any kind are often targeted more than once.
So what should you do to protect your devices from becoming involved in DDoS attack?
- Make sure your IoT devices’ security controls are configured correctly. Use 2-step authentication and strong passwords.
- Ensure your IoT devices have the necessary security certification marks and guarantees.
- Install security patches and upgrades when prompted.
- Install a good firewall with content monitoring to identify unusual or extra traffic loads.
- Check with your web host vendor how they can help in the event of an attack. What protections are in place if your server traffic increases from an attack or your web host vendor gets taken offline?
- Carry out full and frequent data back-ups in the event that you have to move to a new hosting service.
- Limit risk by separating your customer facing access and data from your operational IT infrastructure.
Worried about an IoT Attack?
If you feel like it’s time to address your business’s IT security and develop your security plan, we can help with managed support services designed to protect your business. Please get in touch today.