Be careful! Data and identity theft in IoT

While we often hear of scary and unpredictable hackers who try to get our data and money with all kinds of influential hacks, we are also often our own biggest security enemy. Through carelessly securing our Internet-connected devices (think: mobile phones, iPads, Kindles, smartwatches, etc.) we are playing into the hands of malicious thieves and opportunistic explorers.

How can you be the biggest threat to your personal or business safety

While the Internet of Things (IoT) can make our lives easier, security reasons are sometimes considered and sacrifices are made to get a product to market faster.

The main strategy of identity theft is to collect data. With a little homework, there is a lot to find. Combined with common data available on the Internet, social media information, smart watches, fitness trackers and if available smart meters, smart fridges and lots more data give a great all-round idea of ​​your identity. The more details about a user can be found, the easier and more sophisticated the targeted attack through identity theft can be. If a hacker furthermore manages to collect business related data related to a person, the potential hacking target becomes all the more attractive.

For example, you keep hearing about news stories told by an alleged nephew who needs immediate money. It is very easy to believe if a hacker knows that the target person is actually the nephew, who may be away from home in time. In a business context a hacker can pose as an HR director, asking for banking details or an employee’s address – again much more commendable if the company has recently switched banks or has an employee database Has updated.

Nearly two-thirds of Americans own a smartphone, and by 2020 it is expected that on average, each person worldwide will have more than six connected devices.

The tricky thing with connected devices is that we often take them with us. We take them to busy places, put them in handbags and backpacks and use them naturally in front of strangers, whether for business or personal use, or both. It is not difficult to see the PIN code or password of a person’s device. So even when we have (often basic) security practices, it is very easy to remember security codes and steal equipment.

The fitness watch or smartphone includes all the information – name, address, date of birth, credit card information and health information. Your phone also often uses unsecured access to the app, including email, business and social media accounts, online banking and many more. Looking at it from this angle, it is quite shocking that we take our data goldmines everywhere and anywhere and think very little about it falling into the wrong hands. The practice of Lao Your Own Device (BYOD) for business purposes encourages the risk of leaking highly sensitive business data.

Only 50% of tested smartwatches, for example, provide the ability to apply a screen lock by pin or pattern. The good news is that commercial applications in particular are catching on. It is up to the user to use the technology.

The more valuable the data becomes for an opportunistic hacker, the more valuable our world becomes. And the more connected devices a person has, the more likely it is for a hacker to find a device that can serve as an entry point to access a home or corporate network, such as home security System or work computer.

Today’s biggest threat – identity theft

Stealing your device is a big problem in itself. If the thief is using your device’s data to act on your behalf and enforce your identity, then you have a major problem at hand. Other devices, and possibly some of your personal or business contacts who rely on your identity, are at risk of falling for “your” stolen identity. Identity theft can therefore be counted as one of the biggest risks in IoT.

Just the following image scenario that Think Adviser paints: Applies to mortgage someone with your stolen identity, rent out of home or sell out quickly. Or the business environment is equally bad: someone works as your senior manager and asks you to transfer funds to another bank account. There are already many scary real-life examples where identity theft can affect you to a level that most people don’t even think about.

 

Leave a Comment