Someone Hacked My Kettle

This might be a headline that becomes more and more common over the next few years!

The growth of the internet of things and today’s Hampshire Enterprise Circle visit to Amicus ITS have happily collided in the heading here.

Do you pay any attention to your own or your business’s cyber security? How seriously do you take data security in your business? Is it something that will never happen to your business?

Some strange but relevant facts:

  • An air conditioning firm was targeted because it gave a route into the data systems of the businesses where it was installed.
  • Smaller businesses have been breached because, as suppliers of goods to a major company, they had direct access into that company’s VPN (internal computer network).
  • Lots of unsuspecting businesses are being unwittingly used in DDoS (distributed denial of service – where a company’s servers are overwhelmed by numerous requests in a very short period of time) attacks on major companies.

Hackers are starting to target smaller businesses because it is easier to mount an attack on a 1-10 person organisation (say) with no in-house IT department than a high street name with in-house support and external consultants.

A modern menace is to encrypt some vital part of the target’s data and sell them the key for a few £000’s. A more ruthless version of the same thing is to sell the key for an increasing ransom the longer it takes for the target to pay it. Nice “work” if you can do it…

The well-publicised TalkTalk breach of customer data was done by, we believe, just three persons – one of whom was 15!

So what can you do?

Always remember – if you make your system more difficult to hack than the next guy’s, they are more likely to target that person instead.

At an absolute minimum, get an antivirus programme and a firewall if your computer/laptop/tablet/phone is connected to the outside (electronic) world. Personally I would recommend the paid version rather than the free version if there is any sensitive customer/supplier information present – it may cost an extra £50-100 per year but set that against the £000’s to get rid of ransomware…

And make sure the bl00dy thing is automatically updated!

Make sure your device(s) automatically download updates for Windows/Office, etc. (other operating systems/open source software are available…). I know it seems like the computer reboots itself overnight whenever you’ve forgotten to back up your work for the last hour of the day, but just live with it and treat it as a warning.

Back up your data external to your device(s) so you can restart in a ransomware-style situation. Consider backing up your data to a remote location – another cost but again a precaution.

As your firm gets bigger, consider getting an external firm to try and breach your systems (penetration testing – ooer missus, but I may just have a dirty mind) – certainly the more sensitive the information you hold, the more you should consider this option.

The biggest problem in the cyber world is people – don’t use the same password on your work and home systems, don’t use “password” as your password… I’ll try and return to people in a future post.

And what was the headline all about?

A new kettle with Bluetooth capability – an attack on the kettle gave up the router password, giving access to the whole network.

Sometimes I wish I was making this stuff up…

Please share this article with your circle. If just one person pays attention, it has made my writing time worthwhile.