There has been a lot of discussion recently about the “Internet of Things” (shortened “IoT”). The IoT is made up of devices, vehicles, appliances, or other non-traditional computers that can communicate independently over a network. In a financial institution, IoT devices often include cameras, thermostats, security sensors, and music or video systems.
In addition, some institutions are starting to use IoT technology to enhance services to customers by using Bluetooth “beacons” to detect and pre-announce customers at branches or by providing apps that allow bill pay via Amazon Alexa.
While IoT devices provide convenience, they can also have a dark side. Attackers sometimes use security holes in IoT devices to use them to attack other systems. In October 2016, the Mirai botnet used cameras and other devices to bring down large portions of Twitter, Netflix, CNN, and other sites.
Vulnerabilities have also been discovered in baby monitors, cardiac devices in hospitals, and even Jeeps. A recent vulnerability found in Google Home devices was found to allow an attacker to determine the physical location of the device within feet, allowing an attacker to use this data to launch blackmail or extortion attacks.
Financial Institutions need to be aware of the dangers of IoT devices and need to take steps to protect themselves from these dangers. Some steps that should be considered include:
One of our passions here at Bedel Security is assessing risk. We'd love to help you assess the risk of your IoT devices. Just shoot us an email at support@bedelsecurity.com!
Your Fax Machine Can Let In Intruders
https://www.bedelsecurity.com/blog/your-fax-machine-can-let-in-intruders
The Most Underrated Control in Information Security
https://www.bedelsecurity.com/blog/the-most-underrated-control-in-information-security
Typ0squatting
https://www.bedelsecurity.com/blog/typ0squatting