The Toronto-area dental office didn’t know it but the security camera in its waiting room were being streamed live on the Internet.
Anyone could log on to the website and watch as patients came and went. Front-desk staff answering phones and working on their computers entering patient information.
It could be a serious breach of patient privacy. But it’s more than that – unsecured cameras also leave the entire network open for virtual intruders.
But the explosion of IoT, including wireless surveillance, is providing new security threats and vulnerabilities that cyber criminals can exploit, says Daniel Tobok a cyber-intelligence expert based in Toronto.
Forgetting to change the default password on a camera or selecting a simple password create security risks as the camera can be a potential entry point to computer servers, Tobok said.
“The danger is not that they can see inside, and who is drinking an extra cup of coffee,” he said. “It actually comes down to the fact that they can use that to get into [digital] infrastructure.”
Tobok, who is chief executive officer of Cypfer Inc., said his company is often hired to explore flaws in the digital security networks of large corporations.
“When somebody can penetrate that particular server, they can jump into other infrastructure parts. Again, that can be the router, and they can open up other ports for them to come in with a bigger attack,” he said. “They can reconfigure things like the firewall. They can jump on the Wi-Fi. There’s a lot of things that they can do.”