We may not mean to, but all too often we set ourselves up for failure or attack. In this case, we’re talking about basic network security. You might be thinking that since your network login is password protected, you’re covered. You might make the assumption that since you’ve had your IT guys put up a decent firewall and closely monitor incoming and outgoing traffic for anomalous patterns, you have nothing to worry about. Sadly, you could not be more mistaken.
Not to say that the steps outlined above aren’t important, they definitely are the basic starting points for a secure system. However, if that’s all you’re doing to secure your systems, then you’re not doing nearly enough. As the internet grows, matures, and changes, so too do our means of accessing and interacting with our technology. Each of these new means of access and interaction open up new avenues of potential attack.
VNC, For Example
Take, for example, remote access software like VNC. This software allows one computer to remotely connect to another computer. Consider the implications of that for just a moment. You may have people who work from home some days. If they need files from their computer, they may use a program like this to access them directly, rather than putting them on a Cloud drive somewhere. That’s potentially dangerous for a number of reasons, but two stand out.
First, the remote machine almost certainly isn’t under your direct control, and probably isn’t protected to the same level that your office machines are. Second, if that machine is hacked and taken over, it would allow a hacker a way into your network that totally bypasses all the security measures you have carefully put in place.
Even worse, these kinds of programs are often two way mirrors, meaning that unless you implement some kind of password protection on your machine when you install the software, then anybody who’s snooping can have a look at what you’re doing on the machine, and even outright take it over.
Worst of all, a significant percentage of people who use this type of software don’t password protect themselves or their own systems. They are leaving themselves wide open to attack, and they’re leaving any other computer that they remote connect to wide open to attack as well.
Just The Starting Point
By itself this is a recipe for disaster. The number of completely wide open, vulnerable systems is staggering, but that’s just the tip of the iceberg. We’ve been sounding the alarm for months now about the astounding growth of the Internet of Objects, and how virtually all objects on the internet are lacking even the most basic protections to keep them from being hacked.
Absolutely nothing has been done to address this issue so far. Given the rate that new entities are being added to the internet of objects, the percentage of completely vulnerable objects continues to climb. These objects range from sensors that report on the functionality of hundreds of thousands of cars being driven by their owners, to municipal water systems, to power companies, and more. All wide open, all completely vulnerable to attack. It’s not a question of if, it’s a question of when and how much damage will result from a major attack.
Do your part to begin securing the internet before it implodes. Secure your systems now; start with remote access points and move on to objects. This is an excellent project to contact a professional IT company about before it’s too late.