Welcome!

News Feed Item

“Hacker Lab” Event Shows How Cyber Criminals Attack Homes — and How to Stop Them

At a recent “Home Hacker Lab” event sponsored by Hartford Steam Boiler (HSB), part of Munich Re, and Prescient Solutions, an ethical hacker revealed how cybercriminals work — and what consumers can do to protect themselves.

The October 13 workshop in New York City mounted a remote cyber-attack on an Internet-connected model home inside the American Modern Insurance Group claims training facility in Ohio. The event demonstrated in real time how hackers choose their targets, enter a system, and the harm they can do once they infiltrate a home.

Key takeaways for homeowners included:

  • Most attacks happen via traditional means, through home Wi-Fi systems, emails and computer browsers.
  • Hackers are quickly finding new entry points through smart Internet of Things (IoT) technologies.
  • Roughly 80 percent of consumers report using a home network connected to the Internet. One in ten consumers have experienced a cyberattack via their connected home systems.*

The Hacker Lab was presented by HSB, a leading specialty insurer of data and information risks, and Prescient Solutions, a Chicago-based IT outsourcing firm. The lab was designed to help educate and provide home cyber defense ideas for consumers.

“Hackers are exploiting common security flaws and using them to breach home networks, computers, IoT and mobile devices,” said Eric Cernak, vice president and cyber practice leader for Munich Re. “Once cyber criminals have access, they can steal personal and financial information, hold computer files for ransom, and hijack anything from webcams and thermostats to smart TVs.”

Jerry Irvine, chief information officer of Prescient Solutions and member of the U.S. Chamber of Commerce’s Cybersecurity Leadership Council, agreed that consumers face a real threat and need to increase safety protections in their home networks and connected devices.

“The good news is that homeowners can take steps to protect themselves from destructive criminal intrusions,” Irvine said. “Understanding what hackers look for and how they premeditate an attack are critical to building up a home defense system. The important thing to remember is that hackers are imperfect and can be disrupted.”

The Home Hacker Lab also featured a risk management discussion with Cernak and Timothy Zeilman, vice president and counsel for HSB. The discussion included insights about ways to prevent a cyber-attack; the financial costs; and what consumers must do if/when they’re hacked.

HSB and Prescient Solutions provided the following risk-management tips to secure home systems:

1. Keep systems updated with patched and security updates. Install the most current Windows, OS/iOS, updates/patches and applications. Regularly update firmware on routers and all other devices.

2. Separate social media from financial activity. Use a dedicated device for online banking. Use a different device for email and social media. Otherwise, just visiting one infected social site could compromise your banking machine and your financial accounts.

3. Secure the network to which the devices connect. Don’t broadcast your wireless router/network name. Change default usernames/passwords on home routers and smart devices. Activate wireless router encryption, use WPA2, not WEP. Do not connect smart devices directly to the Internet linked to home computers, but rather through a separate IoT firewall.

4. Set up two-factor authentication for all online accounts. Create complex passwords (nothing that can be easily guessed, such as children’s names, birthplace, etc.). Use secondary authentication; this sends a secret code to your phone verifying your identity.

5. Secure your smartphone. Many people still do not use passcodes to lock their smartphones. Don’t be one of them. Almost all IoT devices are controlled by a smartphone app, so phones have become key entry points to homes.

6. Think before purchasing or installing apps on smartphones or tablets. Make sure you read Privacy Policies before downloading. Do not download any apps that prompt you to quickly download, as they may contain malicious code and security flaws designed by hackers.

7. When not using Bluetooth, turn off the feature. Mobile phones, tablets and many new smart items in the home have Bluetooth functionality (smart speakers, set-top boxes, baby monitors, etc.). Such devices have recently been hacked into because their owners left on the Bluetooth option.

8. Purchase only new devices in unopened packaging from reputable retailers. As with any expensive device, there is a black market for counterfeits that have limited security protections. Do not be tempted to buy such devices.

9. Wipe/reset to factory defaults. When replacing connected devices or selling a home, devices should be restored to factory default settings. This will ensure that personal information contained on the devices is removed.

10. Check insurance policies closely. While a typical Homeowners Policy may cover the costs of the resulting damage (theft, spoilage, etc.), they generally do not respond to costs associated with restoring the systems that have been compromised in the attack.

*Research by Zogby Analytics and HSB Group

Hartford Steam Boiler (HSB), a member of Munich Re’s Risk Solutions family since 2009, is a leading specialty insurer providing equipment breakdown, other specialty coverages, inspection services and engineering-based risk management that set the standard for excellence worldwide. We focus on clients and partner with them to craft inventive insurance and service solutions to cover existing and emerging risks posed by technological change. Today, as throughout our 150 year history, our mission is to use our engineering knowledge and insights to help clients prevent loss, advance sustainable use of energy resources and build deeper relationships that benefit business, industry, public institutions and consumers. HSB holds A.M. Best Company’s highest financial rating, A++ (Superior). For more information, visit www.hsb.com and connect on LinkedIn, Twitter and Facebook.

Prescient Solutions is a Chicago-based IT consulting company that provides onsite, remote, managed and cloud-based services to small, mid-sized and global organizations, as well as government entities. For more than 20 years, its expert team has advised organizations on best practices in IT and cyber security, and guides executives in IT decision-making and implementation across all systems and networks. For more information call 888-343-6040, or visit http://www.PrescientSolutions.com.

Munich Re stands for exceptional solution-based expertise, consistent risk management, financial stability and client proximity. This is how Munich Re creates value for clients, shareholders and staff. In the financial year 2015, the Group – which combines primary insurance and reinsurance under one roof – achieved a profit of €3.1bn on premium income of over €50bn. It operates in all lines of insurance, with over 43,000 employees throughout the world. With premium income of around €28bn from reinsurance alone, it is one of the world’s leading reinsurers. Especially when clients require solutions for complex risks, Munich Re is a much sought-after risk carrier. Its primary insurance operations are concentrated mainly in the ERGO Insurance Group, one of the leading insurance groups in Germany and Europe. ERGO is represented in over 30 countries worldwide and offers a comprehensive range of insurances, provision products and services. In 2015, ERGO posted premium income of €17.9bn. In international healthcare business, Munich Re pools its insurance and reinsurance operations, as well as related services, under the Munich Health brand. Munich Re’s global investments (excluding insurance-related investments) amounting to €215bn are managed by MEAG, which also makes its competence available to private and institutional investors outside the Group.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Why Federal cloud? What is in Federal Clouds and integrations? This session will identify the process and the FedRAMP initiative. But is it sufficient? What is the remedy for keeping abreast of cutting-edge technology? In his session at 21st Cloud Expo, Rasananda Behera will examine the proposed solutions: Private or public or hybrid cloud Responsible governing bodies How can we accomplish?
SYS-CON Events announced today that Cedexis will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Cedexis is the leader in data-driven enterprise global traffic management. Whether optimizing traffic through datacenters, clouds, CDNs, or any combination, Cedexis solutions drive quality and cost-effectiveness.
SYS-CON Events announced today that Suzuki Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Suzuki Inc. is a semiconductor-related business, including sales of consuming parts, parts repair, and maintenance for semiconductor manufacturing machines, etc. It is also a health care business providing experimental research for...
Cloud applications are seeing a deluge of requests to support the exploding advanced analytics market. “Open analytics” is the emerging strategy to deliver that data through an open data access layer, in the cloud, to be directly consumed by external analytics tools and popular programming languages. An increasing number of data engineers and data scientists use a variety of platforms and advanced analytics languages such as SAS, R, Python and Java, as well as frameworks such as Hadoop and Spark...
SYS-CON Events announced today that Ryobi Systems will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Ryobi Systems Co., Ltd., as an information service company, specialized in business support for local governments and medical industry. We are challenging to achive the precision farming with AI. For more information, visit http:...
SYS-CON Events announced today that Daiya Industry will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Daiya Industry specializes in orthotic support systems and assistive devices with pneumatic artificial muscles in order to contribute to an extended healthy life expectancy. For more information, please visit https://www.daiyak...
Cloud-based disaster recovery is critical to any production environment and is a high priority for many enterprise organizations today. Nearly 40% of organizations have had to execute their BCDR plan due to a service disruption in the past two years. Zerto on IBM Cloud offer VMware and Microsoft customers simple, automated recovery of on-premise VMware and Microsoft workloads to IBM Cloud data centers.
In his session at @ThingsExpo, Greg Gorman is the Director, IoT Developer Ecosystem, Watson IoT, will provide a short tutorial on Node-RED, a Node.js-based programming tool for wiring together hardware devices, APIs and online services in new and interesting ways. It provides a browser-based editor that makes it easy to wire together flows using a wide range of nodes in the palette that can be deployed to its runtime in a single-click. There is a large library of contributed nodes that help so...
SYS-CON Events announced today that mruby Forum will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. mruby is the lightweight implementation of the Ruby language. We introduce mruby and the mruby IoT framework that enhances development productivity. For more information, visit http://forum.mruby.org/.
SYS-CON Events announced today that N3N will exhibit at SYS-CON's @ThingsExpo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. N3N’s solutions increase the effectiveness of operations and control centers, increase the value of IoT investments, and facilitate real-time operational decision making. N3N enables operations teams with a four dimensional digital “big board” that consolidates real-time live video feeds alongside IoT sensor data a...
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devic...
Mobile device usage has increased exponentially during the past several years, as consumers rely on handhelds for everything from news and weather to banking and purchases. What can we expect in the next few years? The way in which we interact with our devices will fundamentally change, as businesses leverage Artificial Intelligence. We already see this taking shape as businesses leverage AI for cost savings and customer responsiveness. This trend will continue, as AI is used for more sophistica...
SYS-CON Events announced today that SourceForge has been named “Media Sponsor” of SYS-CON's 21st International Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. SourceForge is the largest, most trusted destination for Open Source Software development, collaboration, discovery and download on the web serving over 32 million viewers, 150 million downloads and over 460,000 active development projects each and every month.
There is a huge demand for responsive, real-time mobile and web experiences, but current architectural patterns do not easily accommodate applications that respond to events in real time. Common solutions using message queues or HTTP long-polling quickly lead to resiliency, scalability and development velocity challenges. In his session at 21st Cloud Expo, Ryland Degnan, a Senior Software Engineer on the Netflix Edge Platform team, will discuss how by leveraging a reactive stream-based protocol,...
Today most companies are adopting or evaluating container technology - Docker in particular - to speed up application deployment, drive down cost, ease management and make application delivery more flexible overall. As with most new architectures, this dream takes significant work to become a reality. Even when you do get your application componentized enough and packaged properly, there are still challenges for DevOps teams to making the shift to continuous delivery and achieving that reducti...