Stories
Slash Boxes
Comments

SoylentNews is people

Ring Flaw Underscores Impact of IoT Vulnerabilities

posted by janrinok on Wednesday November 13 2019, @04:09PM   Printer-friendly
from the Internet-of-Leaks dept.

upstart writes:

Submitted via IRC for soylent_lavender

Ring Flaw Underscores Impact of IoT Vulnerabilities

A vulnerability in Amazon’s Ring Video Doorbell Pro IoT device could have allowed a nearby attacker to imitate a disconnected device and then sniff the credentials of the wireless networks when the owner reconfigured the device, according to a report issued by security firm Bitdefender.

The issue, which was fixed by Amazon in September, underscores the impact of a single insecure Internet-of-Things device on the organization in which it is deployed. While the vulnerability may only occur in a single network device, the result of the flaw could be leaked information — the wireless network password, for example — which  would have far more serious repercussions.

"IoT is a security disaster, any way you look at it," says Alexandru Balan, Bitdefender's chief security researcher. "Security is not the strong suit of IoT vendors — only rarely, do we see vendors who take security seriously."

The discovery of a serious vulnerability in a popular IoT product comes as businesses and consumers increasingly worry about the impact that such devices may have on their own security. Only about half of security teams have a response plan in place to deal with attacks on connected devices, according to recent report from Neustar. Even critical-infrastructure firms, such as utilities that have to deal with connected operational technology, a widespread class of Internet-of-Things devices, are ill-prepared to deal with vulnerabilities and attacks, the report says.

Vulnerabilities in IoT devices can have serious repercussions. In July, a team of researchers found widespread flaws in the networking software deployed in as many as 200 million embedded devices and found millions more that could be impacted by a variant of the issue in other real-time operating systems.

The issue with Amazon Ring is not as serious but it is a reminder that vulnerabilities can still be easily found in the devices by attackers paying attention, says Balan"We tend to look at the popular devices, and those tend to have better security than the less popular devices," 

Original Submission

 
This discussion has been archived. No new comments can be posted.
Ring Flaw Underscores Impact of IoT Vulnerabilities | Log In/Create an Account | Top | 8 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Thursday November 14 2019, @01:10AM

    by Anonymous Coward on Thursday November 14 2019, @01:10AM (#920110)

    A drunk wandered into the Catholic Church, headed straight for the confessional.

    The priest saw, and scurried into position.

    No one said a word.

    Puzzled, the priest rattled on the grate and cleared his throat.

    Again, silence.

    The priest asks if there is any burden to lift to the Lord.

    The drunk finally responds...

    Sorry, ain't no paper in this side either!