Vectra Threat Labs Warns: Consumer IoT Vulnerable to Exploits

By CIOReview | Wednesday, January 13, 2016

SAN JOSE, CA: As cyber attacks are increasing rapidly, enterprises are looking for prevention-centric technologies to save their network area. However, they do not know that the preventive measures in which they are investing are not perfect.
To prove that, Vectra Networks, a provider of real-time detection of in-progress cyber-attacks, has announced that the Vectra Threat Labs has found that consumer-grade IoT products such as Wi-Fi security cameras are vulnerable to exploits. They can be easily hacked and reprogrammed by the attackers turning them into permanent backdoors. Attackers can remotely command and control attack without fear of being detected by preventive measures.
“Unlike the computers people regularly interact with, these devices do not have the processing power or memory to run antivirus or other security software. Since they don’t have usable persistent storage, attackers use NVRAM to store the configuration and flash ROM to store the malicious code,” says Gunter Ollmann, CSO, Vectra Networks.
To verify the vulnerabilities in IoT products, Vectra Threat Labs team bought the D-Link Wi-Fi camera for the test. They reprogrammed the camera to act as a network backdoor without disturbing its operation as a camera. After reprogramming of the camera, they found that turning an IoT device into a backdoor gives hackers entry to an organization’s network without needing to taint a laptop, workstation, or server, all which are usually under scrutiny by firewalls or by malware sandboxes.
“The irony in this particular scenario is that Wi-Fi cameras are typically deployed to enhance an organization’s physical security, yet they can easily become a network security vulnerability by allowing attackers to enter and steal information without detection,” adds Ollmann.