5 types of hacker bait cybercriminals find irresistible

May 9, 2018 5 Minute Read

In 2016, four billion data records were compromised worldwide, an unimaginable quantity that was already surpassed within the first six months of 2017. In other words, it’s only a matter of time before your company becomes the target of unwanted attention—if it isn’t already.

Today’s most predatory cybercriminals know that weak targets, like unsecured printers and other endpoints, offer a near-guaranteed payoff, which makes them the perfect hacker bait. In fact, some seriously evil genius hackers are probably writing tomorrow’s scariest wiper virus in a top-secret crime lab right now. Let’s face it: Even the laziest hackers can easily access your network through your endpoints when you make it temptingly easy for them to discover vulnerabilities.

5 real-world examples of easy hacker bait

If you don’t believe it, think again. Unsecured endpoints are a $6 million annual industry. And as scary as that figure is, it’s about to get a lot worse. Here’s a look at five vulnerable endpoints in every office you should watch more closely:

  1. Printers: Over half of all organizations don’t even include unsecured printers in their security strategy. That could be why 64 percent of execs think it’s “likely” their printer contains malware. Even if you’re not printing off your customer’s social security numbers and leaving them in the tray for hours, your printer is an intelligent, networked device that can also function as a wide-open door to your company’s network.
  2. Routers: Who can forget Mirai Dyn, the distributed denial-of-service (DDoS) attack that took down the internet in 2016? It couldn’t have happened without DNS lookup requests from tens of millions of IP addresses and many, many unsecured business routers and connected devices.
  3. Voice over IP (VoIP) phones: Your IP-phones are safe because your network has a firewall, right? The truth is VoIP phones have a lot of computing capabilities, many of which leave them completely wide open to attack. Factor in the tendency to use obvious default passwords, like “admin,” and it’s not a stretch to see how easily hackers can commandeer these devices to ring up international calling charges or eavesdrop on confidential conference calls.
  4. Mobile devices: Smartphones have long been hailed as the weakest link in corporate network security, with one study finding that Androids comprise a staggering 81 percent of malware-infected mobile devices worldwide. Perhaps the statistic isn’t that surprising given that phones are highly susceptible to infection with malware anyway—one in 14 data breaches last year started out as a good old phishing attack where someone simply clicked a link.
  5. PCs: Do you think your twice-daily run to refill your coffee in the break room without locking your computer is low risk? Think again—a criminal can backdoor your PC in as little as 30 seconds using $5 worth of equipment. While physical breaches are relatively rare, accounting for just 8 percent of incidents, it’s definitely not a risk you want to take.

Your printer’s been hacked—now what?

Consider this scenario: A hacker gains entry to your reception-area printer via a mobile hack or thumb drive, creating a backdoor into your company’s network. Statistically speaking, your organization won’t detect the fact you’ve been breached for an average of 200 days.

In a world that’s increasingly dependent on the Internet of Things (IoT), there’s a lot riding on network integrity. The WannaCry ransomware attack in 2017 marked the first instance where North American hospitals reported an intelligent, connected medical device stopped working. Then, the Petya wiper virus took down the Ukrainian Central Bank and Public Utilities. When hackers have the ability to take internet-connected pacemakers and insulin monitors offline during a network attack, the potential collateral damage of forgetting to change the default password on your VoIP phone becomes a pretty big deal indeed. Nothing is safe, so it’s up to IT departments to start identifying and securing every endpoint—including printers—in their environment.

Is literally nothing secure?

The conversation about endpoint security has shifted significantly in recent years. Anything not sufficiently secured, patched, or monitored can definitely come back to haunt you. Security journalist Kelly Sheridan summarizes the battle ahead best by stating, “As businesses incorporate [connected devices] . . . they will need to be increasingly aware of their larger attack surface, prioritize services and assets that need to be protected, and know where they are located.” With that in mind, here are a few things you can do today to keep your endpoints secure:

  • Know: This is where endpoint detection and response tools, endpoint audits, and security penetration testing come in. By looking at your network like a hacker, you can identify and correct weak links, such as a long-unpatched utility server or your CEO’s shadow IT mobile device.
  • Prioritize: Impact and probability equations around security risk are not only a useful way to make the most out of limited security resources, they can also be a highly persuasive asset when you need to ask your boss for money to shore up your endpoints when they emerge as the problem.
  • Protect: Work smarter, not harder, by making it a practice to adopt endpoints that act more like allies than hacker bait. Humans are going to be your riskiest endpoints, but you can boost your protection by adopting business printers that have your back with continuous monitoring, self-healing BIOS, and other engineered security features.

Most of all, keep a little hope. The vast majority of hackers in the world are ultimately lazy and just looking for a quick payday. While perfect security is unlikely, fortifying endpoint security is an effective weapon for dissuading the majority of attackers.
