Latest News

Most at-risk IoT devices revealed

IoT

A recent analysis from security company Zscaler reveals the IoT devices that are most at risk of attack. This was achieved by tracing back to July for recent IoT device footprints based on the traffic seen in the Zscaler cloud. The company looked at the types of devices in use, the protocols used, locatons of the servers with which they communicated, and the frequency of their inbound and outbound communications over a two-month period (26 August 2016-26 October 2016).

The company found that the most at-risk devices were cameras, home entertainment systems, printers and IP phones. This is because many of these devices were still using plain-text HTTP protocol for authentication and firmware updates, “which makes their communication vulnerable to sniffing and Man-in-The-Middle (MiTM) attacks”.

The following devices have been targeted the most in recent attacks:

Video monitoring and surveillance cameras

  1. Flir FX Wireless HD Monitoring Camera

Security concern: “This device was found to be communicating over plain-text HTTP with the FLIR services server for firmware updates without any authentication tokens.”

  1. Canary Home Security System

Security concern: None.

  1. Foscam

Security concern: “This device was leaking user credential information over HTTP in the URI.”

  1. Dahua DH Security Camera

Security concern: “Weak default credentials and communication over HTTP makes the communication susceptible to sniffing and MiTM attacks.”

  1. Axis Camera

Security concern: “We found the remote management console of the camera to be using basic HTTP based authentication, which makes the communication susceptible to sniffing and MiTM attacks.”

 

Smart TVs and entertainment devices

  1. Haier Android TV 

Security concern: “The security concern with respect to smart TVs in general is the use of outdated libraries which could be exploited to gain control over the system.”

  1. Chromecast Media Player

Security concern: None.

  1. Roku Streaming TV and Media Player

Security concern: None.

 

Smart network printers and scanners

  1. Epson Printer

Security concern: None.

  1. HP Designjet printers

Security concern: None.

  1. Fuji Xerox Printer 

Security concerns: “We observed print monitors connecting to maintenance logging modules without any authentication. Network printers are usually installed and set up in a way to make them reachable by most users on the internal networks. It is important to ensure that these printers are running the latest security patches by keeping firmware up to date.”

 

Digital and network video recording systems (DVR/NVR)

  1. VideoEdge NVR

Security concern: “Weak default credentials and communication over HTTP makes the communication susceptible to sniffing and MiTM attacks.”

  1. D-Link DNR-202L

Security concern: “Weak default credentials and communication over HTTP makes the communication susceptible to sniffing and MiTM attacks.”

 

IP Phones

  1. Panasonic KX-TGP500B04 

Security concern: “These devices were found to be downloading a root certificate as well as performing authentication over plain-text HTTP protocol, making them vulnerable to sniffing and MiTM attacks.”

  1. Yealink SIP T46G phones

Security concern: “These devices were found to be using basic HTTP authentication.”

 

This information was sourced from Zscaler.

Send this to a friend