The Cybersecurity Risk Creeping in Through the Backdoor

philipp-katzenberger-iIJrUoeRoCQ-unsplash
Photo by Philipp Katzenberger on Unsplash

We are now more digitally tuned in than ever. Not so long ago it seems, the average household in the USA could claim to have 2 internet connected PC’s. Today that figure would be more like 11 and thanks to 5G, that figure is set to soar. In 2017, the home security devices market was worth around 4 billion dollars. By the end of 2022, the value of the market is forecast to have tripled to 12 billion dollars.

Yet as consumers stockpile on products to feel more secure, these same products may be bringing home unwanted security flaws. A harrowing example recently featured a virtual intruder posing as Santa Claus who hacked into a Mississippi family’s daughter’s bedroom camera and hurling racially abusive slurs at her.

Hackers are also breaking into the booming market of s0-called home security in the equally expanding age of the Internet of Things – to tap into the sweet shop of opportunities provided by the growing array of internet-connected cars, watches and TV’s – amongst others – which come with promised but barely adequate security protection. Inundated with these devices, consumers are businesses alike are totally blind to the hidden risks in store for them.

New gadgets, New (hidden) risks

Risks and consequences that only increase when people go to work with their private devices and use that seemingly innocent coffee machine in the corner – all are now connected and online Seemingly insignificant devices which unfortunately provide unwanted intruders with means of hacking into more significant computer networks and systems – like a casino in 2017 whose connected aquarium allowed hackers to phish data from the casino’s network.

To exacerbate things further, these IoT devices are always switched on, watching and listening discretely to us in our homes and at our desk at work. As we don’t notice them, we don’t notice their potential danger to us. It was even identified recently that for all the guarantees of security, Amazon’s Alexa smart device speakers were actually very capable of spying on users’ conversations.

The risk attached to IoT devices comes with a very hefty economic price tag.  Devices breaking down can leave networks and websites down for days if not just hours –  a ‘distributed denial of service’. Whilst large companies can lose in the tens of millions from such breakdowns in service, smaller companies can lose up to 13% of their annual revenue to IoT hacking, according to research. Consumers can be hit by these IoT hack costs passed down to them for wrongly over-billed usage etc.

Added to the price of hacking devices comes the human cost as hackers can target cars and medical devices, causing accidents thereby putting lives in danger. And this isn’t going to go away as more and more internet-connected cars hit the road.

Same old bugs

Fast-changing technology coupled with our growing preference for cheap and easy to use (our ignorance of warnings around public wi-fi and creating strong passwords an example) only increases the risks we then face using these IoT devices

Simultaneously, you can be sure that start-ups will continue, as usual, to rush these products to market to make a sale and please us whilst skimming over potential bugs and security gaps. And hackers will likewise continue to look out for these gaps to creep in through. A group of researchers found in half an hour that they were able to access passwords for the large majority of shop-sold devices.

And while governments strive to reassure us that there are laws out there to protect the consumer, manufacturers can just get away with stating that their products come with “reasonable security features.” The end result is that these laws and legal protections are unclear, infrequent, and don’t stand up to the test, leaving the consumer to act as a testing ground.

At the same time, criminals won’t change, always looking for weaknesses in the routers (their favorite target) to get into networks and get at the juicy data within –  so long as there’s a buck to be made.

With risks come juicy opportunities

This all makes for a significant and growing threat All of that adds up to a serious and mounting threat, for sure. Yet, as illustrated by the indispensable Blackberry with its hackproof wad of measures, it is also an opportunity for significant and bulging business. Not so long ago, don’t forget, McAfee and Symantec made fortunes off the back of PC virus software.

With the tech sector booming and unemployment rates low, cybersecurity talent can be hard to recruit and retain.

In a recent study, (ISC)2 — the world’s largest nonprofit association of certified cybersecurity pro revealed that the worldwide cybersecurity skills gap currently stands at almost three million;  exposing a serious shortage of talent working in the IT security sector. This means that almost two-thirds of businesses are lacking the cybersecurity skills required to keep threats at bay. This figure is concerning as 59% say their companies are at moderate or extreme risk of cyber-attacks due to the shortage.

As a result, companies must work much harder to broaden their range of potential candidates, seeking smart, motivated, and dedicated individuals who would be good teammates.

If you are an established company with lots of job openings or a startup with no dedicated recruitment team and no experience in hiring process we can help you. We work with permanent staff and professional contractors from a wide range of cyber security disciplines and skillsets