Four billion data records were compromised worldwide, in 2016 alone. The jury’s still out on 2017, but one thing is clear: It’s only a matter of time before your company is targeted—if it hasn’t been already.
Today’s most predatory cybercriminals know that weak targets like unsecured printers and other endpoints are a near-guaranteed payload. In fact, there are probably some seriously evil genius hackers writing tomorrow’s scariest wiper virus in a top-secret crime lab right now.
Let’s face it: Even the laziest hackers can easily access your network through your endpoints, because they don’t have to look very far for a vulnerability.
5 real-world examples of easy hacker bait
If you don’t believe us, think again. Unsecured endpoints are a $6 billion annual industry. And trust me, as scary as that figure is, it’s about to get a lot worse. Here’s a look at five vulnerable endpoints in every office that you should watch a little more closely:
Over half of all organizations don’t even include their unsecured printers in their security strategy. That could be why 64 percent of execs think it’s “likely” that their printer contains malware. Even if you’re not printing off your customer’s social security numbers and leaving it in the tray for hours, your printer is an intelligent, networked device that can act as a wide-open door to your company’s network.
Remember Mirai Dyn, the distributed denial of service (DDoS) attack that took down the internet for hours just over a year ago? October 21, 2016, or the day without Netflix, Amazon, and Reddit, was made possible by DNS lookup requests from tens of millions of IP addresses and many, many unsecured business routers and printers.
3. Voice over IP (VoIP) phones
Your IP-phones are safe because your network has a firewall, right? Right? VoIP phones have many computing capabilities, and many are completely wide open to attack thanks to default passwords like “admin.” Hackers don’t find it too hard to use these devices to ring up international calling charges or eavesdrop on your confidential conference calls.
4. Mobile devices
Smartphones have long been hailed as the weakest link in corporate network security, with one study finding that Androids comprise a staggering 81 percent of malware-infected devices worldwide. And to be honest, it’s not super hard to get malware on a phone anyway—one in 14 data breaches last year started out as a good old phishing attack where someone simply clicked a link.
Do you think your twice-daily run to refill your coffee in the break room without locking your computer is pretty low risk? It takes as little as 30 seconds and $5 worth of equipment for a criminal to backdoor your PC. While physical breaches are relatively rare, accounting for just 8 percent of the incidents reported in one 2017 study, it’s definitely not a risk you want to absorb.
Your printer got hacked—now what?
Consider this scenario: A hacker gains entry to your reception-area printer via a mobile hack or thumb drive that creates a backdoor into your company’s network. Statistically speaking, your organization won’t detect the fact that you’ve been breached for an average of 200 days.
In a world that’s increasingly driven by the Internet of Things (IoT), there’s a lot riding on network integrity. The WannaCry ransomware attack in May 2017 marked the first instance where US hospitals reported that an intelligent, connected medical device stopped working. Then, the Petya wiper virus took down the Ukranian Central Bank and Public Utilities.
When hackers have the ability to take internet-connected pacemakers and insulin monitors offline during a network attack, the potential collateral damage of forgetting to change the default password on your VoIP phone is a pretty big deal indeed. Nothing is safe, so it’s up to IT to start identifying and securing every endpoint—including printers—in their environment.
Is literally nothing secure?
The conversation about endpoint security has shifted significantly in recent years. What you’re not securing, patching, or monitoring can definitely bite you.
Security journalist Kelly Sheridan summarizes the battle ahead best by stating, “As businesses incorporate [connected devices] . . . they will need to be increasingly aware of their larger attack surface, prioritize services and assets that need to be protected, and know where they are located.” With that in mind, here are three things you can do (today) to keep your endpoints secure:
- Know: This is where endpoint detection and response tools, endpoint audits, and security penetration testing come in. By looking at your network like a hacker, you can identify scary factors like a long-unpatched utility server or your CEO’s shadow IT mobile device.
- Prioritize: Impact and probability equations around security risk are not only a useful way to spread limited security resources to the greatest extent possible, they can be a really effective way to ask your boss for more money when you realize the problem is your endpoints.
- Protect: Work smarter, not harder, by adopting endpoints that act more like allies than hacker bait. Humans are going to be your riskiest endpoints, but you can boost your protection by adopting secure business printers that have your back with continuous monitoring, self-healing BIOS, and other engineered security features.
Most of all, keep a little hope. The vast majority of hackers in the world are ultimately lazy and just looking for a quick payday. While perfect security is unlikely, comprehensive endpoint security is a pretty effective way to dissuade most attackers.