According to them, these types of devices are so lacking in the most basic cybersecurity protocols that they can be compromised in as little as three minutes. This allows hackers to steal data, conduct corporate espionage, or even cause physical damage.
Every IoT device is a potential data security risk. This includes connected climate controls, VoIP phones, smart fridges, connected printers, and even smart light-bulbs.
The dangers of these devices are further explained in ForeScout’s IoT Enterprise Risk Report. The report is based on research conducted by Samy Kamkar, an ethical hacker.
The research has shown that not only do IoT devices pose a data security risk due to a lack of rudimentary security, many of them are also running outdated firmware. These vulnerabilities can be exploited by hackers to install a backdoor or launch automated DDoS attacks.
For example, a physical break-in may be possible by remotely taking control of a camera by using the default factory login credentials, either independently or with the aid of a hacker. If hackers gain unauthorised access to a company’s climate control, they can cause the server room to overheat, causing physical damage to the hardware.
Recent cyberattacks on Twitter, Spotify, and Reddit were believed to be launched by an IoT botnet, which further strengthens the case made by the report.