By comparison, the rapidly growing army of Internet objects are virtually, and often completely defenseless. These could be items such as health and fitness monitors, security cameras, baby monitors, kitchen appliances, video game systems, and just about any device that you connect to the Internet. Many of these simply have no security features at all and some of these objects use recycled encryption keys, meaning that if a hacker breaks into one, he can break into hundreds of thousands of other object sharing the same key.
It is estimated that by 2020, there will be somewhere in the neighborhood of 200 billion Internet-connected objects online, and the number will only explode from there. If your company has any Internet connected objects in its arsenal they’re much more vulnerable to attack than the PCs, laptops, and handhelds you’ve got connected. Any of these can be used as a potential point of entry for a hacker.
Recently, a new Google-powered search engine called Censys joined the Internet’s ecosystem. Its purpose? To track every vulnerable Internet object online, and it’s really good at its job. The array of devices you’ll find on the Censys list is both staggering and terrifying. On it, you’ll find everything from ATMs to an array of medical devices, computers embedded in modern automobiles, and even control systems for power plants that supply energy to thousands. Again, everything on this list appears because it is vulnerable. These devices lack even rudimentary security features, meaning that even a casual, hobbyist-level hacker can easily take control of them.
Anyone can use the search engine. The good news is, you can use it yourself to identify specific objects on your own company’s LAN to check for vulnerabilities.
The Internet of Things is still in its infancy, and the security measures we take for granted on our PCs simply haven’t caught up with the millions of objects we’re adding to the Internet. Until that happens, your level of vulnerability increases. Take precautions and research the security of devices that you are going to add to your network to minimize your risk and exposure.