Vectra Networks Reveals Vulnerabilities in IoT Devices


The full potential of the Internet of Things (IoT) is still not very clear, but one thing it will do for sure is connect more things and make them smarter. The always connected nature of this technology means it could potentially be accessed at any given time. Therefore, the announcement by Vectra Networks about the vulnerabilities in IoT devices creating hidden backdoors for persistent attacks is not a big surprise to industry insiders, or even consumers for that matter.

A survey conducted by Auth0 in November of 2015 revealed just as much, with 52 percent of consumers stating most IoT devices in the market don’t have the necessary security in place as of  right now. The number almost doubles when developers were asked the same security question, with nine in 10 or Ninety percent coming to the same conclusion.

The backdoor gateways were discovered by Vectra Threat Labs on a popular security Wi-Fi cameras. The lab, which is a research arm of Vectra Networks brings together its expertise in security research and data science to identify anomalies in networks and find out the cause or causes for the observed behavior.

The company said, devices such as Wi-Fi security web cameras can be hacked and reprogrammed to service as permanent backdoors. Once the backdoors have been established, the hackers can launch attacks without being detected using traditional security products.

“Consumer-grade IoT products can be easily manipulated by an attacker, used to steal an organization’s private information, and go undetected by traditional security solutions,” said Gunter Ollmann, CSO of Vectra Networks.

The reason IoT devices are vulnerable is because they are low in value, as it relates to cost. The low cost and other considerations has resulted in manufacturers and developers limiting the security protocols to protect the devices. Hackers are aware of these targets, and they have now made IoT devices one of the vectors for breaching networks. It is much easier hacking into a device that doesn’t have the processing power or memory to run antivirus or other security software.

The experiment by Vectra Threat Labs was carried out on a D-Link Wi-Fi camera that was purchased for around $30. The researchers then programmed the camera to act as a network backdoor without disrupting its operation as a camera successfully. Once Vectra found out about the vulnerability, it informed D-Link in early December 2015. However, a solution hasn’t been found or disclosed as of Jan. 7, 2016, this according to Vectra.

Ollman points out, “Most organizations don’t necessarily think of these devices as miniature computers, but essentially they are in that they can still give attackers access to sensitive company information, particularly because they are connected to the corporate network.” And until everyone realizes the connected IoT devices are just as valuable as other digital assets connected to the organization’s network, they will be exploited by hackers in greater numbers as the deployments increase.

Edited by Ken Briodagh

Contributing Writer

Related Articles

New Study Identifies the Power of Merging AI and IoT

By: Ken Briodagh    8/19/2019

Data Analytics firm Research and Markets has released a new study, which evaluates technologies involved in digital transformation including AI and Io…

Read More

Balancing Risk Management and Innovation within Your Organization

By: Special Guest    8/14/2019

Too often risk management takes a backseat to innovation. You cannot have one without the other. Become too risk-averse and you stagnate. Ignore risk …

Read More

Taoglas Acquires Firmwave to Enable Next-Generation IoT

By: Ken Briodagh    8/12/2019

Acquisition enables Taoglas to extend advanced IoT design and component solutions to its global customers

Read More

IMS Evolve and Current, Powered by GE, Partner on Smart Food Retail

By: Ken Briodagh    8/9/2019

Partnership enabling retailers to leverage legacy infrastructure to achieve multi-million dollar energy savings, reduce machine failure and slash stoc…

Read More

IoT Pioneer Chris Rezendes Sees Truth in Trusted Data and Opportunity in Connection

By: Arti Loftus    8/9/2019

SPONSORED CONTENT: Chris Rezendes has helped hundreds of companies to explore, develop, and market complex technologies using outside-of-the-box think…

Read More