- A study by BitSight warns of the dangers of poorly secured webcams for businesses
- Sensitive information can be recovered
- Experts provide valuable advice to prevent these risks
It is a shocking report. The BitSight company has reviewed thousands of businesses around the world using webcams. Of the total, it appeared that 3% of them used video or audio devices connected to the Internet. Among them, 9% exposed themselves to substantial data leaks because they did not sufficiently protect their devices.
The sphere of businesses singled out is very broad, and there are many sectors, including the hotel industry, education, Tech, and administration. Analysts even note that several Fortune 1000 companies are exposed: in telecommunications, and entertainment, or even industry.
Vulnerable companies
The affected devices are not equipped with any firewall or VPN. Worse, some of them do not have passwords, or are affected by a software security flaw that was not taken into account.
Concretely, hackers could therefore watch video streams or listen to conversations with very concrete risks at stake. Thus, cyber criminals could obtain sensitive information about such organizations. They would also be able to gather data allowing them to compromise internal systems and networks for cyberattacks.
Derek Vadala, Chief Risk Officer at BitSight, points out: “This study shows that even everyday technologies, such as webcams, can make organizations very vulnerable if exposed. It’s critical to understand how these devices can increase an organization’s attack surface and take steps to deploy them in a way that limits potential threats. »
Avoidable risks
And precisely, the experts address some valuable advice to companies. According to them, it is particularly necessary to identify all the video and audio devices present within the company and to assess the risks. If necessary, these devices must then be equipped with a firewall or a VPN.
The establishment of access controls is also necessary. Finally, it is necessary to check that there is no software vulnerability and to make the necessary updates. BitSight even invites to change suppliers if they refuse to correct the risks.
This alert joins that of the researchers of the Open University of Catalonia (UOC) of which we spoke to you recently. They estimate that the damage caused by cyberattacks will be around 10.5 trillion dollars per year by 2025 (+200% in ten years). To explain this exponential growth, they point to the democratization of the Internet of Things, and devices that are not always sufficiently protected.
