A million ways to get hacked in the wild west of the worldwide web

Published Apr 29, 2021 by Xiph

Your home or business may now be a hacker’s playground – here’s what you can do!

Everybody knows that there are two sides to the technology coin and nowhere is this more evident nowadays than in the home and in the office. While tech has ushered in a new era of convenience, expedience and sleeker work/task flows, we also need to be aware of the vulnerabilities that have come along for the ride.

A million ways to get hacked in the wild west of the worldwide web

With the advent of the Internet of Things (IoT), “smart homes” and smart devices, where almost everything has been “plugged into the web” for convenience’s sake, it seems that motivated hackers can help themselves to critical functions and sensitive data in both the home and the office. The global pandemic has already blurred the lines between home and office and this has perhaps accelerated the charge towards living life in an online world. Nothing wrong with that in theory. But if we take a closer look at what that means though the lens of data security and privacy, we might also look at our always-on/always connected devices with a more critical eye.

What do you see when see a sea of IoT devices?

If you’re a hacker, a bad actor with worse intentions or a data harvester, you will see a whole ocean of opportunity at your fingertips, partly because of these three factors:

In one recent attack, over 100 million IoT devices were left exposed and vulnerable

It’s estimated that over 75 billion IoT devices and sensors will be in use or circulation by the year 2025

Many of these devices contain code that was written or conceived 20 years ago – and cybercrime has come a long, long way in those two decades!

That last point raises an especially important question that we must answer or at the very least, consider. If connected devices in our homes and offices that might include phones, TVs, cameras, gaming systems, toasters, fish tanks and fridges (amongst other things) are connected via tech that is up to, or over a decade old, are we safe from today and tomorrow’s cybercrime? Is anyone?

Let’s look at a real example from pre-Covid times when the world was a happier and safer place… perhaps. Three years ago, hackers made the news when they used a fish tank (yes! A fish tank) in a North American casino to access over 10GB of data. How? Well, it’s a similar story to other occurrences that we’re seeing throughout homes, offices and factories all over the world. The high-tech fish tank’s temperature, salinity and feed patterns were all monitored through internet connectivity. In other words, if there’s a vulnerability through which cybercriminals can access data, they will find it – even if they have to wear goggles. 

But it’s no laughing matter. Think about the connected devices in your office, your home. How might they all look from the outside looking in? What damage could be done and what are the most damaging threats?

Watch out for these 3 threats that could scuttle your business

There are any number of threats out there that could be employed by hackers, bad actors and data harvesters and their ingenuity is limited only by their imagination. The damage that can be done falls under a number of categories, here are just three:

Threats to your sensitive data. Sensitive data, includes passwords, browser history, photos, banking and account details, commercially sensitive information. But we’re also talking about access data streamed from cameras (CCTV and doorbell) as well. Needless to say, tremendous reputational and commercial havoc can be wreaked here.

Sabotage! Sure, if someone accesses your internet-connected coffee machine you might end up with too much sugar in your latte but keep in mind that many businesses will have established internet connectivity through heating and air conditioning systems, vehicles and assembly lines as well.

Botnets. You could also think of botnets as criminal zombie gangs in cyberspace. They will infect huge numbers of devices to orchestrate a “distributed denial of services (DDoS)” attack. This is where a targeted stream of network requests from a massive number of devices effectively crashes your system. The motive could be anything from blackmail to simply making a point.

Sensible steps to minimise the risk

We make a point of reiterating and revisiting vital steps to help maintain your online privacy and keep your data safe from attacks and we’re continually looking out for the best solutions to a problem that may never completely go away. Our advice? Remember to:

Lock your phones and devices – but also shop for secure phones we endorse right here.

Secure your email by using a secure platform. Again, think about the importance of security both reputationally and commercially. We have the right secure options for you.

Create strong passwords or shop for one of our USB keys (Yubikey or Librem).

Protect yourself with a Virtual private Network (VPN) – shop for more secure options for more peace of mind.

Take care, take precautions and take your online privacy seriously – there may be a million threats out there but the preceding 4 steps can help keep your data safe.

Posted in: Security

Get In Touch