You never know when malware will bite. Even browsing an online restaurant menu can download malicious code, put there by hackers.
Much has been said that Target’s hackers accessed the giant’s records via its heating and cooling system. They’ve even infiltrated thermostats and printers among the “Internet of Things”.
It doesn’t help that swarms of third parties are routinely given access to corporate systems. A company relies upon software to control all sorts of things like A/C, heating, billing, graphics, health insurance providers, to name a few.
If just one of these systems can be busted into, the hacker can crack ‘em all. The extent of these leaky third parties is difficult to pinpoint, namely because of the confidential nature of the breach resolution process.
A New York Times online report points out that one security expert says that third party leaks may account for 70 percent of data breaches, and from the least suspected vendors, at that.
When the corporation’s software remotely connects to all those other things like the A/C, vending machines, etc., this is practically an invitation to hackers. Hackers love this “watering hole” type crime , especially when corporations use older systems like Windows XP.
Plus, many of the additional technological systems (such as video conference equipment) often come with switched-off security settings. Once a hacker gets in, they own the castle.
The New York Times online report adds that nobody thinks to look in these places. Who’d ever think a thermostat could be a portal to cyber crime?
Security researchers were even able to breach circuit breakers of the heating and cooling supplier for a sports arena—for the Sochi Olympics.
One way to strengthen security seems too simple: Keep the networks for vending machines, heating and cooling, printers, etc., separate from the networks leading to H.R. data, credit card information and other critical information. Access to sensitive data should require super strong passwords and be set up with a set of security protocols that can detect suspicious activity.
Robert Siciliano is an Identity Theft Expert to AllClear ID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- Securing a Home with Automation
You know how much you love to and rely on controlling your TV from your couch? I’m a little dumfounded when I can’t find the remote. And by the time I do, I could have easily changed the channel and found what I was looking for, but the process just isn’t the same without the
- Top 10 Horrible Accidents to Avoid
“When it’s your time, it’s your time.” NOT. Most accidents, including freak, are avoidable. Here’s a compilation from popularmechanics.com. Mauled by a mower. Every year in the U.S., about 95 people die by mower when it flips over on a hill and crushes the driver. Don’t mow sideways on a slope; mow up and down. Wild animals.
- Researchers say your Mobile Carrier’s Network isn’t all that Secure
Gee, even the tools that update your smartphone’s operating system over the air have holes that hackers can slip into. It’s estimated that as many as two billion handsets are vulnerable, and in some instances, security patches haven’t even been released. The open mobile alliance device management (OMA-DM) protocol is used by around a hundred smartphone companies
- Criminal Hacker Gets 20. Books, Movies and Hollywood Starlet Next
Robert Siciliano Identity Theft Expert Albert Gonzalez and his gang of criminal hackers were responsible for data breaches in retailers and payment processors, with some estimates saying they breached over 230 million records combined. Gonzalez, considered a proficient criminal hacker, provided “dumps,” a term which refers to stolen credit card data, to “carders.” “Carders” are the
- What is a Hacker?
You probably think you know what a “hacker” is, but the images portrayed in the media can be misleading. You may be thinking of a geeky-looking guy who causes peoples’ computers to get infected with viruses or cracks passwords to raid the accounts of big business. This is one kind of hacker, but in a