As if IT managers didn’t have enough on their plates, it’s looking like hardware issues could be a major security vulnerability that hackers will try to exploit.
That didn’t seem too problematic … Until other GitHub users started trying it on their own. The result was a lengthy list of vulnerable routers and modems, some of which may be able to be hacked remotely as well.
Hardware security is a concern
With more and more technology connecting online – the so-called “Internet of Things“ – the list of potential targets for hackers are expanding daily.
And as Wired.com recently reported, many of these devices aren’t secured. Some are actually unpatchable.
That makes for a very stressful situation for IT. After shifting so much attention to protecting computer systems and mobile technology, threats to physical infrastructure are once again taking hold.
Many of these devices opened up online shouldn’t be too concerning. Even if companies shelled out for an internet-connected break room fridge, there isn’t much to gain for a hacker. But with power and HVAC systems going online, the threats are a bit greater.
Evaluate and prepare
This could be a good time for IT to shore up security on some systems you may not think of immediately.
Here are three ways to do it:
- Talk with facilities. See if any upgrades to the building’s systems are in the works, and if so what they’ll entail. Chances are no one would think to alert IT to a air conditioning system that could be controlled remotely until it was ready to go in. But evaluating such systems for security ahead of time could be crucial.
- Take stock of what’s connected. Check out all the devices accessing your network already. If you haven’t yet, create a database that lists these devices by type (computer, mobile, hardware, etc.) so you can tell at a glance which is which.
- Update firmware. Patching software is still a huge area of concern. But don’t neglect printers, routers and other firmware. These devices can be just as vulnerable, and act as gateways for attackers to penetrate your systems.