Reducing threats for Net-linked security cameras, ATMs

ICSA Labs, which sets standards for commercial security products, has a new program designed to help companies keep hackers and malware off their networks.

Elinor Mills Former Staff Writer

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.

See full bio

Elinor Mills

Sept. 21, 2009 4:43 a.m. PT

ICSA Labs, which sets standards for commercial security products, plans to announce on Monday a new program for helping corporations protect themselves from attacks and snooping via Internet-connected devices such as printers, copiers, ATMs, and security cameras.

Under the ICSA Labs Network Attached Peripheral Security Certification and Assessment program, experts will evaluate devices used in corporations and work with vendors to help them understand the inherent security risks to Internet-connected devices, said George Japak, managing director of ICSA Labs, which is an independent division of Verizon Business.

The devices targeted are not those that are part of the computing network infrastructure, like desktops, servers, and routers.

"There is a lot of functionality on those devices being centrally managed and controlled via an Internet connection, and those Internet connections can be compromised," he said. "These unsecured devices are as much of a risk as an unsecured server sitting out on your network."

Remote attackers can exploit weaknesses in software to remotely steal data that sits on the devices, such as sensitive documents that someone has printed or copied. But the devices can also be used to propagate malware across the network, he said.