Menu
See You At IoT Evolution Expo & The #TechSuperShow | February 11-14, 2020 | Fort Lauderdale, Florida REGISTER TODAY.

IoT FEATURE NEWS

DEF CON Researchers Find Major IoT Security Problems During Hackathon

By

DEF CON is the biggest annual home of security nightmares for the IT and, now, IoT industries. This was the 24th event and the second annual IoT Village, in which the security experts look to find unpatched flaws in commercially available IoT products. It’s organized by Independent Security Evaluators (ISE). At the August event, the participants uncovered more than 47 new vulnerabilities across 23 different devices from 21 brand name manufacturers.

One of the more unnerving exploits was presented by researcher Fred Bret-Mounet, who showed an attacker could shut down the equivalent of a small to mid-sized power generation facility by accessing the flaw in solar panels manufactured by Tigro Energy.

In another reveal, researcher Anthony Rose found that 75 percent of the smart locks he investigated could be easily compromised, letting an attacker open the lock on a victim's front door. Another researcher discovered a series of vulnerabilities with August locks which, if exploited, would mean that anyone who ever had access to the controlling mobile device or the lock itself could compromise the lock.

Scared yet?

Afflicted manufacturers this year included: Samsung, Subaru, Trane, QuickLock, Elecycle, and Blossom. Some of the problems were as basic as fundamental design flaws like use of plaintext passwords and hard coded passwords, or susceptibility to buffer overflows and command injection.

“In the past two years, IoT Village has uncovered 113 critical, previously unknown vulnerabilities across both consumer and business products from some of the largest brand names in the world,” said Ted Harrington, Executive Partner at ISE and one of the organizers of IoT Village. “These discoveries are significant contributions to security research but also illustrate the pressing need for security improvements in IoT devices.”

This year, IoT Village caught the attention of the federal government. Rear Admiral (ret.) David Simpson, a Bureau Chief of the Federal Communications Commission, spoke at the event and noted that IoT Village is taking strides toward “making things harder” for attackers, by putting the spotlight on these issues. Terrell McSweeny, commissioner of the Federal Trade Commission, also spoke. He discussed the FTC’s law enforcement actions challenging inadequate data security in connected devices, saying, “We believe that improved security is going to be achieved through a synergy between government, manufacturers, and the security community.”

IoT Village next runs at DerbyCon, from Sept 21-25 in Louisville, KY. More information about IoT Village can be found at the official event website.




Edited by Maurice Nagle

Editorial Director

SHARE THIS ARTICLE
Related Articles

How will 5G Transform IoT? Find Out at IoT Evolution Expo 2020

By: Ken Briodagh    2/13/2020

IoT Evolution Expo 2020 is rolling and ongoing, and we interviewed several of our speakers to get a bit of a preview of what to expect from their sess…

Read More

What is the Macro Network for IoT? Learn about the System of Systems at IoT Evolution Expo 2020

By: Ken Briodagh    2/13/2020

IoT Evolution Expo 2020 is in full swing and killing it, and we interviewed several of our speakers to get a bit of a preview of what to expect from t…

Read More

It's Time to talk about the Software Defined IoT at IoT Evolution Expo 2020

By: Ken Briodagh    2/11/2020

IoT Evolution Expo 2020 is happening right now, and we interviewed several of our speakers to get a bit of a preview of what to expect from their sess…

Read More

IoT Evolution Expo 2020 Features AI and Machine Learning Experts

By: Ken Briodagh    2/10/2020

IoT Evolution Expo 2020 is coming up fast, and we interviewed several of our speakers to get a bit of a preview of what to expect from their sessions.

Read More

Let There Be Smart Lighting at IoT Evolution Expo 2020

By: Ken Briodagh    2/7/2020

Here, we spoke to one our featured Smart City panelists, Don DeLoach, CEO, Rocket Wagon Venture Studios, who will be taking the stage At IoT Evolution…

Read More