The FBI's Internet Crime Complaint Center (IC3) issued an alert regarding the security risks that stem from the Internet of Things (IoT), the emerging network of devices that connect to one another via the Internet.

As more businesses and homeowners use web-connected devices to enhance company efficiency or lifestyle conveniences, those devices' connection to the Internet also increases the target space for malicious cyber actors, the IC3 warned.

IoT devices connect through computer networks to exchange data with operators, businesses, manufacturers and other connected devices, mainly without the need for human interaction.

IoT devices include security systems, such as alarms or Wi-Fi cameras and video monitors; automated devices, which remotely adjust lighting or HVAC; wearables; and office equipment, such as printers.

Financial institutions are more often connecting systems to the Internet to improve operations, such as with remote asset monitoring, customer engagement and mobile banking.

The IoT also poses security risks. According to the FBI, companies and the general public should be aware of the IoT vulnerabilities cybercriminals could exploit.

"Deficient security capabilities and difficulties for patching vulnerabilities in these devices, as well as a lack of consumer security awareness, provide cyber actors with opportunities to exploit these devices," the alert stated. "Criminals can use these opportunities to remotely facilitate attacks on other systems, send malicious and spam emails, steal personal information or interfere with physical safety."

Unsecured or weakly secured devices provide opportunities for cybercriminals to intrude upon private networks and to gain access to other devices and information attached to those networks. Devices protected by default passwords or with open Wi-Fi connections are easy targets for cyber actors to exploit, the FBI said.

Criminals can launch email spam attacks from home networking routers, connected multi-media centers, televisions and appliances with wireless network connections. According to the FBI, the primary IoT risks include:

1. Utilization of the Universal Plug and Play protocol (UPnP) to gain access to many IoT devices. UPnP describes the process by which a device remotely connects and communicates on a network automatically, without authentication. UPnP self-configures when attached to an IP address, making it vulnerable to exploitation. Cyber actors can change the configuration and run commands on the devices, potentially enabling the devices to harvest sensitive information, conduct attacks against homes and businesses, or engage in digital eavesdropping.

2. Exploitation of default passwords to send malicious and spam emails, or steal personally identifiable or credit card information.

3. Compromising the IoT device to cause physical harm.

4. Overloading devices to render them inoperable.

5. Interfering with business transactions.
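For the UPnP risk in item 1, an inventory of which devices on your own network answer UPnP discovery (SSDP) is a practical first check. The following is an added example, not part of the FBI alert or this article: the sample responses are constructed, and the function names `parse_ssdp` and `audit` are hypothetical.

```python
from urllib.parse import urlparse

# UPnP types associated with Internet Gateway Device port-mapping control.
RISKY_TYPES = ("InternetGatewayDevice", "WANIPConnection", "WANPPPConnection")

ROUTER = ("HTTP/1.1 200 OK\r\nCACHE-CONTROL: max-age=120\r\n"
          "ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1\r\n"
          "SERVER: ExampleOS/1.0 UPnP/1.0 ExampleRouter/1.0\r\n"
          "LOCATION: http://192.168.1.1:5000/rootDesc.xml\r\n\r\n")
CAMERA = ("HTTP/1.1 200 OK\r\n"
          "ST: urn:schemas-upnp-org:device:MediaServer:1\r\n"
          "Server: ExampleCam/2.3 UPnP/1.0\r\n"
          "Location: http://192.168.1.50:8080/desc.xml\r\n\r\n")
# Constructed (source IP, raw SSDP response) pairs, as a listener would log them.
SAMPLE_RESPONSES = [
    ("192.168.1.1", ROUTER),
    ("192.168.1.20", CAMERA),
    ("192.168.1.1", ROUTER),             # duplicate reply, should be collapsed
    ("192.168.1.30", "not an ssdp reply"),  # malformed, should be skipped
]

def parse_ssdp(raw):
    """Return upper-cased header dict for a 200 OK SSDP reply, else None."""
    lines = raw.split("\r\n")
    if not lines[0].startswith("HTTP/1.1 200"):
        return None
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:  # header names are case-insensitive, so normalise them
            headers[name.strip().upper()] = value.strip()
    return headers

def audit(responses):
    """One finding per (device, advertised type), flagging exposure signals."""
    findings, seen = [], set()
    for src_ip, raw in responses:
        h = parse_ssdp(raw)
        if h is None or "ST" not in h or (src_ip, h["ST"]) in seen:
            continue
        seen.add((src_ip, h["ST"]))
        loc_host = urlparse(h.get("LOCATION", "")).hostname
        findings.append({
            "ip": src_ip, "type": h["ST"], "server": h.get("SERVER", "unknown"),
            # Device offers gateway control that can alter port forwarding.
            "port_mapping": any(t in h["ST"] for t in RISKY_TYPES),
            # Description URL points at a host other than the one that replied.
            "location_mismatch": loc_host is not None and loc_host != src_ip,
        })
    return findings
```

Devices flagged with `port_mapping` are candidates for disabling UPnP in their settings; a `location_mismatch` is worth a manual look at what is answering on that address.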

"The real challenge will be updating these IoT devices," Ondrej Krehel, founder/principal of the New York City-based cybersecurity intelligence firm LIFARS, noted. "As we know, many larger organizations struggle to maintain up to date software and hardware. By adding IoT devices it expands the threat landscape as it is likely that they will not be updated or upgraded as vulnerabilities are discovered."

Krehel said another thing organizations will need to be aware of is the integration and management of these IoT devices.

"In a perfect world this is not a problem, but these will present challenges," he said. "If an authenticated device goes missing or devices are not fully or properly set up, there can be gaps in security."

Roy Urrico

Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S. Interior Department, National Park Service and Warren County (N.Y.).