Welcome!

News Feed Item

“Hacker Lab” Event Shows How Cyber Criminals Attack Homes — and How to Stop Them

At a recent “Home Hacker Lab” event sponsored by Hartford Steam Boiler (HSB), part of Munich Re, and Prescient Solutions, an ethical hacker revealed how cybercriminals work — and what consumers can do to protect themselves.

The October 13 workshop in New York City mounted a remote cyber-attack on an Internet-connected model home inside the American Modern Insurance Group claims training facility in Ohio. The event demonstrated in real time how hackers choose their targets, enter a system, and the harm they can do once they infiltrate a home.

Key takeaways for homeowners included:

  • Most attacks happen via traditional means, through home Wi-Fi systems, emails and computer browsers.
  • Hackers are quickly finding new entry points through smart Internet of Things (IoT) technologies.
  • Roughly 80 percent of consumers report using a home network connected to the Internet. One in ten consumers have experienced a cyberattack via their connected home systems.*

The Hacker Lab was presented by HSB, a leading specialty insurer of data and information risks, and Prescient Solutions, a Chicago-based IT outsourcing firm. The lab was designed to help educate and provide home cyber defense ideas for consumers.

“Hackers are exploiting common security flaws and using them to breach home networks, computers, IoT and mobile devices,” said Eric Cernak, vice president and cyber practice leader for Munich Re. “Once cyber criminals have access, they can steal personal and financial information, hold computer files for ransom, and hijack anything from webcams and thermostats to smart TVs.”

Jerry Irvine, chief information officer of Prescient Solutions and member of the U.S. Chamber of Commerce’s Cybersecurity Leadership Council, agreed that consumers face a real threat and need to increase safety protections in their home networks and connected devices.

“The good news is that homeowners can take steps to protect themselves from destructive criminal intrusions,” Irvine said. “Understanding what hackers look for and how they premeditate an attack are critical to building up a home defense system. The important thing to remember is that hackers are imperfect and can be disrupted.”

The Home Hacker Lab also featured a risk management discussion with Cernak and Timothy Zeilman, vice president and counsel for HSB. The discussion included insights about ways to prevent a cyber-attack; the financial costs; and what consumers must do if/when they’re hacked.

HSB and Prescient Solutions provided the following risk-management tips to secure home systems:

1. Keep systems updated with patched and security updates. Install the most current Windows, OS/iOS, updates/patches and applications. Regularly update firmware on routers and all other devices.

2. Separate social media from financial activity. Use a dedicated device for online banking. Use a different device for email and social media. Otherwise, just visiting one infected social site could compromise your banking machine and your financial accounts.

3. Secure the network to which the devices connect. Don’t broadcast your wireless router/network name. Change default usernames/passwords on home routers and smart devices. Activate wireless router encryption, use WPA2, not WEP. Do not connect smart devices directly to the Internet linked to home computers, but rather through a separate IoT firewall.

4. Set up two-factor authentication for all online accounts. Create complex passwords (nothing that can be easily guessed, such as children’s names, birthplace, etc.). Use secondary authentication; this sends a secret code to your phone verifying your identity.

5. Secure your smartphone. Many people still do not use passcodes to lock their smartphones. Don’t be one of them. Almost all IoT devices are controlled by a smartphone app, so phones have become key entry points to homes.

6. Think before purchasing or installing apps on smartphones or tablets. Make sure you read Privacy Policies before downloading. Do not download any apps that prompt you to quickly download, as they may contain malicious code and security flaws designed by hackers.

7. When not using Bluetooth, turn off the feature. Mobile phones, tablets and many new smart items in the home have Bluetooth functionality (smart speakers, set-top boxes, baby monitors, etc.). Such devices have recently been hacked into because their owners left on the Bluetooth option.

8. Purchase only new devices in unopened packaging from reputable retailers. As with any expensive device, there is a black market for counterfeits that have limited security protections. Do not be tempted to buy such devices.

9. Wipe/reset to factory defaults. When replacing connected devices or selling a home, devices should be restored to factory default settings. This will ensure that personal information contained on the devices is removed.

10. Check insurance policies closely. While a typical Homeowners Policy may cover the costs of the resulting damage (theft, spoilage, etc.), they generally do not respond to costs associated with restoring the systems that have been compromised in the attack.

*Research by Zogby Analytics and HSB Group

Hartford Steam Boiler (HSB), a member of Munich Re’s Risk Solutions family since 2009, is a leading specialty insurer providing equipment breakdown, other specialty coverages, inspection services and engineering-based risk management that set the standard for excellence worldwide. We focus on clients and partner with them to craft inventive insurance and service solutions to cover existing and emerging risks posed by technological change. Today, as throughout our 150 year history, our mission is to use our engineering knowledge and insights to help clients prevent loss, advance sustainable use of energy resources and build deeper relationships that benefit business, industry, public institutions and consumers. HSB holds A.M. Best Company’s highest financial rating, A++ (Superior). For more information, visit www.hsb.com and connect on LinkedIn, Twitter and Facebook.

Prescient Solutions is a Chicago-based IT consulting company that provides onsite, remote, managed and cloud-based services to small, mid-sized and global organizations, as well as government entities. For more than 20 years, its expert team has advised organizations on best practices in IT and cyber security, and guides executives in IT decision-making and implementation across all systems and networks. For more information call 888-343-6040, or visit http://www.PrescientSolutions.com.

Munich Re stands for exceptional solution-based expertise, consistent risk management, financial stability and client proximity. This is how Munich Re creates value for clients, shareholders and staff. In the financial year 2015, the Group – which combines primary insurance and reinsurance under one roof – achieved a profit of €3.1bn on premium income of over €50bn. It operates in all lines of insurance, with over 43,000 employees throughout the world. With premium income of around €28bn from reinsurance alone, it is one of the world’s leading reinsurers. Especially when clients require solutions for complex risks, Munich Re is a much sought-after risk carrier. Its primary insurance operations are concentrated mainly in the ERGO Insurance Group, one of the leading insurance groups in Germany and Europe. ERGO is represented in over 30 countries worldwide and offers a comprehensive range of insurances, provision products and services. In 2015, ERGO posted premium income of €17.9bn. In international healthcare business, Munich Re pools its insurance and reinsurance operations, as well as related services, under the Munich Health brand. Munich Re’s global investments (excluding insurance-related investments) amounting to €215bn are managed by MEAG, which also makes its competence available to private and institutional investors outside the Group.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Cloud promises the agility required by today’s digital businesses. As organizations adopt cloud based infrastructures and services, their IT resources become increasingly dynamic and hybrid in nature. Managing these require modern IT operations and tools. In his session at 20th Cloud Expo, Raj Sundaram, Senior Principal Product Manager at CA Technologies, will discuss how to modernize your IT operations in order to proactively manage your hybrid cloud and IT environments. He will be sharing bes...
SYS-CON Events announced today that DivvyCloud will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. DivvyCloud software enables organizations to achieve their cloud computing goals by simplifying and automating security, compliance and cost optimization of public and private cloud infrastructure. Using DivvyCloud, customers can leverage programmatic Bots to identify and remediate common cloud problems in rea...
SYS-CON Events announced today that Tintri, Inc, a leading provider of enterprise cloud infrastructure, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Tintri offers an enterprise cloud platform built with public cloud-like web services and RESTful APIs. Organizations use Tintri all-flash storage with scale-out and automation as a foundation for their own clouds – to build agile development environments...
SYS-CON Events announced today that Progress, a global leader in application development, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Enterprises today are rapidly adopting the cloud, while continuing to retain business-critical/sensitive data inside the firewall. This is creating two separate data silos – one inside the firewall and the other outside the firewall. Cloud ISVs ofte...
SYS-CON Events announced today that Tappest will exhibit MooseFS at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. MooseFS is a breakthrough concept in the storage industry. It allows you to secure stored data with either duplication or erasure coding using any server. The newest – 4.0 version of the software enables users to maintain the redundancy level with even 50% less hard drive space required. The software func...
SYS-CON Events announced today that Interoute has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Interoute is the owner operator of Europe's largest network and a global cloud services platform, which encompasses over 70,000 km of lit fiber, 15 data centers, 17 virtual data centers and 33 colocation centers, with connections to 195 additional partner data centers. Our full-service Unifie...
SYS-CON Events announced today that EARP will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. "We are a software house, so we perfectly understand challenges that other software houses face in their projects. We can augment a team, that will work with the same standards and processes as our partners' internal teams. Our teams will deliver the same quality within the required time and budget just as our partn...
SYS-CON Events announced today that Carbonite will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Carbonite protects your entire IT footprint with the right level of protection for each workload, ensuring lower costs and dependable solutions with DoubleTake and Evault.
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in compute, storage and networking technologies, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology, is a premier provider of advanced server Building Block Solutions® for Data Center, Cloud Computing, Enterprise IT, Hadoop/...
SYS-CON Events announced today that Outscale will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Outscale's technology makes an automated and adaptable Cloud available to businesses, supporting them in the most complex IT projects while controlling their operational aspects. You boost your IT infrastructure's reactivity, with request responses that only take a few seconds.
While some vendors scramble to create and sell you a fancy solution for monitoring your spanking new Amazon Lambdas, hear how you can do it on the cheap using just built-in Java APIs yourself. By exploiting a little-known fact that Lambdas aren’t exactly single threaded, you can effectively identify hot spots in your serverless code. In his session at 20th Cloud Expo, David Martin, Principal Product Owner at CA Technologies, will give a live demonstration and code walkthrough, showing how to ov...
SYS-CON Events announced today that Technologic Systems Inc., an embedded systems solutions company, will exhibit at SYS-CON's @ThingsExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Technologic Systems is an embedded systems company with headquarters in Fountain Hills, Arizona. They have been in business for 32 years, helping more than 8,000 OEM customers and building over a hundred COTS products that have never been discontinued. Technologic Systems’ pr...
As cloud adoption continues to transform business, today's global enterprises are challenged with managing a growing amount of information living outside of the data center. The rapid adoption of IoT and increasingly mobile workforce are exacerbating the problem. Ensuring secure data sharing and efficient backup poses capacity and bandwidth considerations as well as policy and regulatory compliance issues.
SYS-CON Events announced today that Cloudistics, an on-premises cloud computing company, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Cloudistics delivers a complete public cloud experience with composable on-premises infrastructures to medium and large enterprises. Its software-defined technology natively converges network, storage, compute, virtualization, and management into a ...
New competitors, disruptive technologies, and growing expectations are pushing every business to both adopt and deliver new digital services. This ‘Digital Transformation’ demands rapid delivery and continuous iteration of new competitive services via multiple channels, which in turn demands new service delivery techniques – including DevOps. In this power panel at @DevOpsSummit 20th Cloud Expo, moderated by DevOps Conference Co-Chair Andi Mann, panelists will examine how DevOps helps to meet th...