Vulnerabilities in internet-connected devices are well-documented by this point, but the most common exploitations generally involve conscripting
thousands of vulnerable IoT devices into botnets, or getting onto a network through a weak IoT device for
ransomware attacks. These aren't using data-stealing missions.
But researchers from the IoT security firm Senrio have shown that a company's publicly exposed IoT devices can form an unsupervised backroad path into networks. Attackers can jump from one vulnerable IoT device to the next, totally bypassing mainstream devices like PCs and servers, and charting a course that's much harder to detect.
