The camera analyzed by Bitdefender is used for monitoring purposes by many families and small businesses. The device includes standard monitoring features, such as a motion and sound detection system, two-way audio, built-in microphone and speaker, and temperature and humidity sensors. The security vulnerabilies can easily be exploited during the connection process. The IoT camera creates a hotspot during configuration via a wireless network. Once installed, the corresponding mobile application establishes a connection with the device’s hotspot and connects to it automatically. The app user then introduces the credentials and the setup process is complete. The problem is that the hotspot is open and no password is required. Moreover, the data circulating between the mobile application, IoT camera and server is not encrypted. And to make things worse, Bitdefender also detected that the network credentials are sent in plain text from the mobile app to the camera. As a result, an attacker can impersonate the genuine device by registering a different device, with the same MAC address. The server will connect with the device that registered last, and so will the mobile app. In this manner, attackers can capture the webcam’s password. In order to avoid privacy breaches, do a thorough research before buying an IoT device and read online reviews that may reveal privacy issues. Secondly, install a cybersecurity tool for IoTs, such as Bitdefender’s Box. These tools will scan the network and block phishing attacks and other threats. RELATED STORIES YOU NEED TO CHECK OUT:
Program a Raspberry Pi from your browser with Windows 10 IoT Core Blockly Arduino Wiring supported on Windows 10 IoT Core Windows 10 IoT app brings support for networked 3D printers
Name *
Email *
Commenting as . Not you?
Save information for future comments
Comment
Δ
