Companies commonly overlook IoT risks. Many times they assume that they are being managed by a third party or don’t understand how IoT devices connect to their traditional network. But internet-connected devices could pose a major threat to your network’s security. They can be either a point of entry to your network or used to attack someone else’s system.
IoT devices can be particularly worrisome when you rely on employees to operate them securely. According to a 2017 Willis Towers Watson study, employee negligence is responsible for 66 percent of cyber breaches. Employees may not be malicious. But they could be careless. Their negligence could be your problem if your network is breached. Take these next two examples of how a lack of basic security best practices resulted in a massive exposure to risk—or worse, a massive attack.
IoT Entry Point Attacks
In 2015, researchers found that more than 5,000 U.S. gas stations were at risk of a breach because their automated tank gauges (ATGs) were on the public internet—without password protection. Trend Micro had also found examples of hackers attacking the devices, from simply modifying a gas tank’s product label to dangerously altering the tank’s behavior.
According to DarkReading, the problem has worsened, …