The first documented Internet of Things (IoT) cyber-attack took place in 2014, when a smart refrigerator had been caught red-handed for spawning over 750,000 spam emails after being hijacked by a botnet attack. A more recent case in the US concerns an internet-connected thermostat in an aquarium, which hackers successfully controlled to access a database of high-roller gamblers in a casino.
In another case, hackers accessed the company network of an online store through the use of credentials and email accounts from three of its employees. The hackers stole personal information and encrypted passwords of its 145 million users, going undetected for almost 230 days.
However, it’s not just hackers that are responsible for breaches. According to the Office of the Australian Information Commissioner, while 59% of data breaches are from malicious or criminal attacks, 36% are a result of human error from within the business.
Given this ongoing list of reported security breaches and headlines in the press, businesses shouldn’t be asking IF it will happen, but WHEN. Despite this, businesses are falling behind in terms of adopting a proactive security strategy.
Let us take a deeper look at each of these threat cases in an effort to understand how and why these security incidents are occurring and what businesses can do to mitigate the risk of being the next cybersecurity victim. – CSO