ACE and Chubb are now one.
 
 
ACE has acquired Chubb, creating a global insurance leader
that will operate under the renowned Chubb name.
Learn More Not Now
print   email   Share

Is Your Router The Weak Link In Your IoT Security?

A cybersecurity consultant recently discovered vulnerabilities in five brands of body cameras worn by police officers. These vulnerabilities leave the cameras susceptible to hacking.

The cameras do not protect uploaded footage with a signature or have a way to verify that uploaded footage is legitimate. As a result, hackers could easily modify and replace video stored in the cloud. Hackers could also delete body camera footage.

The body cameras examined also do not have cryptographic mechanisms for confirming firmware updates. Therefore, hackers could disguise malware as a normal software update and infect the body cameras. From there, malware could spread throughout the entire police network. Cybercriminals could attack police forces with ransomware, force a lockdown, or infect them with file-deleting worms.

Finally, hackers could use the cameras' GPS capability to track the police officers wearing them. Sidney Fussell "Hackers Can Turn Body Cameras Into Malware Spewing Machines, Security Expert Says" gizmodo.com (Aug. 13, 2018).


Commentary

Body cameras—like all Internet of Things (IoT) devices—are far more vulnerable to hacking than many people realize. In addition, once hacked, they compromise the entire network to which they are connected.

One vulnerability for IoT devices is an easy-to-guess default password on wireless Internet routers. This is a vulnerability that affects all IoT devices. Because devices generally do not have anti-virus software, a secure Internet connection may be the device’s only protection.

Immediately change the password from the default when installing new routers and replace with a strong password. A strong password has at least 12 characters long and contains uppercase letters, numbers, and symbols.

Prohibit employees from writing passwords down. If they have difficulty remembering the password, set their devices to connect automatically or use a password manager. Employees should not share passwords.

Finally, your opinion is important to us. Please complete the opinion survey:

Login

Log-in to access Training Modules, Article Archives, Model Policies and more!

Latest Numbers

Unemployment Rate

3.9% in Aug 2018

Payroll Employment

+201,000(p) in Aug 2018

Average Hourly Earnings

+$0.10(p) in Aug 2018

Employment Cost Index (ECI)

+0.6% in 2nd Qtr of 2018

Productivity

+2.9% in 2nd Qtr of 2018

Source: Department of Labor

Chubb Offers for Employment Practices Liability (EPL) Insured:

Loss Prevention Reimbursement Credit

HR Acuity On-Demand

Best Practice Minute

Available presentations

What's New

CEO And CFO Fraud Creates Exposures For Boards

The SEC finds two Silicon Valley company officers committed a $700 million fraud. What oversight was missing that led to this enormous fraud? We examine. Read More

Are Your IoT Devices Vulnerable To Attack?

Too often organizations and individuals forget to secure IoT devices, which hackers can breach to access network-connected computers. We examine. Read More

An Enterprise-Wide Cybersecurity Plan: A Crucial Step For Protecting Data

Not having a cybersecurity plan with human oversight left the U.S. Department of the Interior vulnerable to data breaches. We examine what this means for your organization. Read More