Hackers are increasingly targeting "internet of things" devices to access corporate systems, using things like CCTV cameras or air-conditioning units, according to the CEO of a cybersecurity firm.

The internet of things refers to devices hooked up to the internet, and it has expanded to include everything from household appliances to widgets in power plants.

Nicole Eagan, the CEO of Darktrace, told the WSJ CEO Council Conference in London on Thursday: "There's a lot of internet-of-things devices, everything from thermostats, refrigeration systems, HVAC systems, to people who bring in their Alexa devices into the offices. There's just a lot of IoT. It expands the attack surface, and most of this isn't covered by traditional defenses."

Eagan gave one memorable anecdote about a case Darktrace worked on in which a casino was hacked via a thermometer in an aquarium in the lobby.

"The attackers used that to get a foothold in the network," she said. "They then found the high-roller database and then pulled that back across the network, out the thermostat, and up to the cloud."

Robert Hannigan, who ran the British government's digital-spying agency, Government Communications Headquarters, from 2014 to 2017, appeared alongside Eagan on the panel and agreed that hackers' targeting of internet-of-things devices was a growing problem for companies.

"With the internet of things producing thousands of new devices shoved onto the internet over the next few years, that's going to be an increasing problem," Hannigan said. "I saw a bank that had been hacked through its CCTV cameras, because these devices are bought purely on cost."

As recently as a few years ago, it would’ve been impossible to imagine just how connected the modern world would become — and how quickly it would happen. The advent of smart home technology has made our lives easier in a multitude of ways. Gone are the days of worrying about whether you turned off the coffee pot, adjusted your thermostat or locked your door before you left for work or vacation.

Smart home technology offers unparalleled peace of mind, so it’s no surprise that modern home tech is seeing a light-speed growth in popularity. In fact, U.S. officials have predicted that American consumers will use almost 31 billion of these devices by 2020.

But that staggering growth also brings the question: how safe are our smart homes and the data they collect?

Heyday for Hackers

The Internet of Things (IoT) is designed to simplify life and improve efficiency for everyone, from large business conglomerates to average homeowners. But unfortunately, IoT-run smart home devices can also benefit an unintended audience: hackers.

Last year, cybersecurity leader McAfee reported on a children’s doll that could be used by hackers to open connected smart locks on homes, giving hackers entry. And the hackers’ ingenuity doesn’t stop there; they’ve been able to remotely access everything from internet-connected cameras to digital assistants and drones to compromise their victims’ closely-guarded data and possessions. Some security experts even venture to say that these devices are more insecure than they are secure.

Get Smart About Cybersecurity

Every connected device in your home represents a potential security vulnerability, so it’s important to keep yourself safe. If you’re looking to set up your own smart home, here are a few ways you can ensure that your high-tech space doesn’t turn into a playground for cyber thieves.

1. Use Strong Passwords

It may seem obvious, but strong passwords are the best way to make sure your private data stays that way.

When it comes to generating a password, the longer the better. Use a string of letters, characters and numbers, and stay as far away from “PetName123” as possible. Also, steer clear of random password generator websites; they could just be bad guys in disguise.

If you’re worried about remembering complicated passwords, there are plenty of trustworthy software solutions out there to help. Check with your cybersecurity provider to see if it offers a password manager feature. Alternatively, write your passwords down and keep them in a secure place away from connected devices.

2. Change Factory Security Settings

Most smart-home devices come preloaded with factory security presets. This means that anyone with a Wi-Fi connection can easily decipher the device name and a simple online search can provide a hacker with your factory-preset password — giving them access to your precious data.

Whenever you’re connecting a new device to your home network, be sure to change the device name and password to something that can’t be easily recognized or guessed by a stranger. When considering a new name for a device, be sure not to include any personally identifiable information (like your mother’s maiden name or a childhood phone number).

3. Use a Secure Router

If you’re looking to go all in on your smart home, you may want to consider investing in a secured router to act as a gateway between all your connected gadgets and the internet at large.

These devices can be costly, but many reputable cybersecurity companies have products that include virus and malware protection. They’ll make sure every device that’s connected to your Wi-Fi network is monitored and protected.

4. Keep Your Software Updated

No one enjoys installing software updates, but they’re more important than you think. Updating the operating systems on all your devices patches up any new cybersecurity weaknesses, meaning hackers can’t exploit defects in your software.

Next time your smart TV, tablet or computer prompts you to install updates, click “yes.” It’s worth taking the time to protect yourself from digital intruders.

Your connected devices are meant to make your home smarter and more convenient, not cause you more stress. Take these quick and easy precautions to help your smart home stay safe and sound.

Identity theft is hard enough. That’s why we keep working to make recovering from it easier. It’s also why we’re happy to let you know about an innovative project by the Federal Trade Commission (FTC) and the Internal Revenue Service (IRS) that lets people report tax-related identity theft to the IRS online, using the FTC’s IdentityTheft.gov website to file IRS Form 14039.

Tax-related identity theft happens when someone uses your stolen Social Security number (SSN) to file a tax return and claim your refund. You might find out about it when you try to e-file — only to find that someone else already has submitted a return — or when the IRS sends you a letter saying it has identified a suspicious tax return that used your SSN. That’s when you’ll need to file an IRS Identity Theft Affidavit (IRS Form 14039), so that the IRS can begin resolving your case.

Now, you can report to the IRS through IdentityTheft.gov. It’s the only place you can submit your IRS Form 14039 electronically. Here’s how it works: IdentityTheft.gov will first ask you questions to collect the information the IRS needs, then use your information to populate the Form 14039 and let you review it. Once you’re satisfied, you can submit the Form 14039 to the IRS through IdentityTheft.gov. Download a copy for your own records, too. About 30 days later, the IRS will send you a letter confirming it received the information.

While you’re at IdentityTheft.gov, you’ll also get help making an identity theft recovery plan, with guidance including how to place a fraud alert on your credit files, check your credit reports, and take other steps to stop the identity theft from harming other of your accounts. IdentityTheft.govalso will help you resolve other identity theft problems.

Remember, though — filing the Affidavit doesn’t eliminate the need to pay your taxes. If you couldn’t e-file your tax return, you’ll still need to mail it to the IRS and pay any taxes you owe.

We hope you don’t run into problems with identity theft. But if you or someone you know does, visit IdentityTheft.gov to report it and get fast and effective recovery help.

A Chinese man who was wanted by police for “economic crimes” was arrested at a music concert in China after facial recognition technology spotted him inside the venue.

The man was attending a concert by Hong Kong singer Jacky Cheung in the Nanchang, Jiangxi province when security cameras recognized him. According to the South China Morning Post, the man, only identified by family name Ao, was shocked when police approached him. Ao had driven 56 miles with his wife to attend the concert, telling authorities he felt safe in the crowd, estimated to be over 50,000, and that he would have never gone if he thought there was a chance he would be identified. “Ao was suspected to be involved in an economic crime and was listed on a national online system,” police officer Li Jin said. “He was very shocked and had a blank face when we caught him.”

This isn’t the first time China’s facial recognition technology has caught criminals at public events. Last year, 25 wanted individuals were arrested at a beer festival when cameras at entrances flagged the subjects’ faces. Police in Zhengzhou are also testing glasses with built-in facial recognition at select train stations, and they say it’s already helped to capture seven suspects wanted in major cases, as well as 26 individuals traveling under false identities. The tech is also being utilized in more innocuous ways, like paying for orders at a KFC in Hangzhou.

China has ramped up tracking technologies in recent years, becoming a burgeoning tech-surveillance state. One estimate suggests the country will have more than 600 million CCTV cameras by 2020, and the country is instituting a “social credit” system beginning in May that will dock low-ranking citizens in ways like banning them from buying plane or train tickets for up to a year.

Santander has launched a foreign exchange service that uses blockchain technology to make same-day international money transfers.

The service, called Santander One Pay FX, uses tech developed by blockchain firm Ripple. Santander said it is the first cross-border payments service using blockchain to be made by a bank.

Blockchain, or distributed ledger technology, is a decentralized network that records a growing list of transactions. It was originally used as the technology to underpin bitcoin but banks have become increasingly interested in other use cases, like clearing and settling payments.

Santander's blockchain-powered foreign exchange platform is currently live in four different countries — Spain, the U.K., Brazil and Poland. A wider roll-out is expected in coming months, the bank said.

Innoventures, a $200 million fintech, or financial technology, venture capital fund set up by Santander, was one of a number of investors to participate in Ripple's first round of funding in 2015.

Ripple has struck partnerships with multiple banks and other financial institutions, including Santander. Banks are less keen to use the firm's digital currency XRP, but earlier this year two money transfer firms, MoneyGram and Western Union, announced projects involving the cryptocurrency.

On Wednesday, Ripple invested $25 million into a fund started by Blockchain Capital, a venture capital firm dedicated to blockchain.