Vectra Networks Reveals Vulnerabilities in IoT Devices


The full potential of the Internet of Things (IoT) is still not very clear, but one thing it will do for sure is connect more things and make them smarter. The always connected nature of this technology means it could potentially be accessed at any given time. Therefore, the announcement by Vectra Networks about the vulnerabilities in IoT devices creating hidden backdoors for persistent attacks is not a big surprise to industry insiders, or even consumers for that matter.

A survey conducted by Auth0 in November of 2015 revealed just as much, with 52 percent of consumers stating most IoT devices in the market don’t have the necessary security in place as of  right now. The number almost doubles when developers were asked the same security question, with nine in 10 or Ninety percent coming to the same conclusion.

The backdoor gateways were discovered by Vectra Threat Labs on a popular security Wi-Fi cameras. The lab, which is a research arm of Vectra Networks brings together its expertise in security research and data science to identify anomalies in networks and find out the cause or causes for the observed behavior.

The company said, devices such as Wi-Fi security web cameras can be hacked and reprogrammed to service as permanent backdoors. Once the backdoors have been established, the hackers can launch attacks without being detected using traditional security products.

“Consumer-grade IoT products can be easily manipulated by an attacker, used to steal an organization’s private information, and go undetected by traditional security solutions,” said Gunter Ollmann, CSO of Vectra Networks.

The reason IoT devices are vulnerable is because they are low in value, as it relates to cost. The low cost and other considerations has resulted in manufacturers and developers limiting the security protocols to protect the devices. Hackers are aware of these targets, and they have now made IoT devices one of the vectors for breaching networks. It is much easier hacking into a device that doesn’t have the processing power or memory to run antivirus or other security software.

The experiment by Vectra Threat Labs was carried out on a D-Link Wi-Fi camera that was purchased for around $30. The researchers then programmed the camera to act as a network backdoor without disrupting its operation as a camera successfully. Once Vectra found out about the vulnerability, it informed D-Link in early December 2015. However, a solution hasn’t been found or disclosed as of Jan. 7, 2016, this according to Vectra.

Ollman points out, “Most organizations don’t necessarily think of these devices as miniature computers, but essentially they are in that they can still give attackers access to sensitive company information, particularly because they are connected to the corporate network.” And until everyone realizes the connected IoT devices are just as valuable as other digital assets connected to the organization’s network, they will be exploited by hackers in greater numbers as the deployments increase.

Edited by Ken Briodagh

Contributing Writer

Related Articles

ZEDEDA Teams Up with Accenture and Lanner to Open Up New Solutions for Edge Computing Deployments

By: Matthew Vulpis    2/25/2021

In the business world today, almost everything is done digitally, which is why when it comes to designing and deploying Industrial IoT and edge comput…

Read More

Reentering the IoT Analyst Atmosphere - My view from the not-so-cheap seats

By: Special Guest    2/23/2021

IoT technology and strategies are the core tools for organizations to gain crucial visibility into their operations, machines, products, and buildings…

Read More

Visualize This: The IoT Landscape and a Map for the Future from Semtech

By: Arti Loftus    2/11/2021

With a plethora of networking options becoming more readily available for the Internet of Things (IoT), selecting the most effective IoT network for a…

Read More

As More IoT Devices Connect Through Cellular Networks, Two Companies Join Forces to Simplify and Secure Connectivity

By: Arti Loftus    2/10/2021

Matt Hatton, a founding partner of Transforma Insights, recently penned a report summarizing the elements required to connect thousands or even tens o…

Read More

SenRa Collaborates with TEKTELIC to Accelerate LoRaWAN Adoption

By: Juhi Fadia    2/10/2021

SenRa, one of the leading LoRaWAN public network operators across India, has officially proclaimed its collaboration with TEKTELIC, a top-tier provide…

Read More