Security Flaws Found in Google Chromecast, Home Security Systems, Smart Coffee Makers

Security researchers at Kaspersky have decided to have a look at IoT-enabled devices and their lack of security measures.

Sourced through Scoop.it from: spd.rss.ac

Security researchers at Kaspersky have decided to have a look at IoT-enabled devices and their lack of security measures. The results of their experiment, yet again, confirms that Internet of Things devices still lack the proper security measures even today, after years during which many cyber-security vendors have griped about their vulnerabilities.  In their most recent experiment, Kaspersky chose four random IoT devices, which they’ve meticulously analyzed for any security flaws. The results are a little worrying since all the flaws can be chained together and provide criminals with an attack scenario they can follow and gain access to so-called “smart-homes.”  –  Google Chromecast (USB TV dongle for video streaming)

The first step in such kind of attacks can occur when utilizing the famous “rickrolling” vulnerability in Google Chromecast devices that allows attackers to hijack the content shown on a smart TV.

This can be useful for displaying error messages that fool the user into believing he needs to change his Wi-Fi password or reset the local wireless router to factory default settings, which can easily be leveraged by attackers.  Smart coffee maker (controlled via a smartphone app)  Kaspersky researchers also identified a smart coffee maker device that can expose the user’s Wi-Fi password.

Kaspersky declined to name the coffee machine’s make and model since the vulnerability has not been patched yet.  As you can imagine, getting hold of a target’s Wi-Fi password can grant criminals access to a person’s entire portfolio of IoT devices, since all work and use the home’s Wi-Fi network.

See on Scoop.itInternet of Things – Company and Research Focus

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s