Printers, wifi routers and internet capable cameras are all seemingly innocuous electronic devices – but don’t be fooled, they are fast becoming a popular target for hackers.
Tech companies are upping the in-built security on the devices, as a report into global internet security reveals the devices are becoming more plentiful and more attractive to cyber criminals.
Internet capable devices, for example printers, usually have low or no security compared to computers, tablets and smartphones but often provide access to important information.
Modern printers, for example, store the information they receive. So all those financial reports, invoices and sensitive information you are printing are often sitting there unprotected on the printer’s memory chip.
A New Zealand Police spokesman said the devices have been targeted for about a decade, but the cyber attacks were growing in regulatory and significant.
In fact, one of the biggest cyber attacks of 2016 involved connected devices. French internet service provider OVH’s service was taken down when more than 150,000 devices were manipulated to target its servers.
Global internet security company Symantec’s 2016 report was released today. The company’s technology strategist for the Asia-Pacific region, Mark Shaw, said the company had conducted its own tests on the security vulnerabilities of connected devices.
The Internet of Things (IoT) – where previously offline devices advance to have online capabilities – was fast becoming a real risk, he said.
Experts have warned of the dangers for some years, but these were starting to be felt now as an estimated 20 billion-plus of the devices are used worldwide.
Symantec created a “honey pot” of unprotected connected devices in 2016. When activated, it took just two minutes for the devices to be attacked.
In January, there were four attacks per hour. By December, there were nine.
“It’s no longer theoretical, it’s now definitely a reality that manufacturers need to be significantly mindful of.”
Shaw said the use of common or in-built manufacturer passwords like “admin” or sequences of numbers made it very easy for hackers to access devices.
When one hack worked, it was likely the method and source code would be released online for other hackers to find and use, too.
“There was a massive commonality across all of the devices…nearly anyone could connect using the same credentials.”
Some companies were already strengthening devices to protect against threats, while software companies also offered the protection.
It was hard to get numbers of attacks in New Zealand, said National Computer Emergency Response Team operations manager Declan Ingram.
He said it was important to use strong passwords and update software and security programs.
The police spokesman agreed.
“Devices with storage are more likely to be targeted because they hold information which may be useful to people.
“The impact of electronic hacking can be devastating for people and businesses, in terms of emotional harm and potential loss of sensitive information.”