New IoT vulnerabilities show high risk of connected devices
A vulnerability within BoxLock smart padlock enables hackers to unlock the device within a few seconds.
McAfee researchers have uncovered two new vulnerabilities within connected devices that allow hackers access to the personal lives of consumers. A vulnerability within BoxLock smart padlock enables hackers to unlock the device within a few seconds, and a vulnerability within the Mr. Coffee brand coffee maker with Wemo grants hackers access to home networks. As the Internet of Things (IoT) grows and smart devices gain popularity, McAfee warns consumers and businesses alike that cybercriminals will continue to find new ways to exploit all connected things. McAfee is committed to threat research and applauds businesses that quickly remediate disclosed vulnerabilities to provide more secure products to their customers.
“Cybercriminals are relentless, and as long as we continue to connect devices to the internet, they will continue to search for ways to exploit them,” said Raj Samani, McAfee fellow and chief scientist. “Vulnerability disclosures can be frightening for both the consumers using connected devices and the organizations that create them, however, the process is an essential component of creating a safer future. Cybersecurity researchers, businesses, and consumers working together to expose and eliminate these vulnerabilities keeps us all a step ahead of the bad guys.”
While there is no way to predict the future of IoT attacks, McAfee offers consumers and businesses tips to ensure devices and data are protected from such vulnerabilities:
3 Steps for Consumers to Protect What Matters
-Set-up a secondary network for your IoT devices that doesn’t share access to your primary network and the devices and data connected thereto
-Consider getting a router with built-in security features, making it easier to protect all the devices in your home from one access point
-Set your device to auto-updates so you always have the latest software and be sure to change all default passwords once you purchase a new device
3 Steps for Businesses to Secure Customers
-Invest in security early in the development of your products and assume that at some point you will run into a vulnerability that needs to be addressed right away. Be sure to constantly monitor products for potential vulnerabilities and access points for cybercriminals
-Keep all your computers and devices protected by using robust security software that can help safeguard your private information and protect you from threats
-When faced with a vulnerability, be proactive and transparent in addressing the issue, and engage with the security research team for the fastest path to remediation