A vigilante is putting a huge amount of work into infecting IoT devices

Edward78 · 27 Apr 2017 at 17:37

https://arstechnica.com/security/20...ge-amount-of-work-into-infecting-iot-devices/ so are IoT devices really that unsecurw or are they trying to scare us???

Caged · 27 Apr 2017 at 19:42

Most IoT devices are a dumpster fire when it comes to security. It gets even worse when a company that isn't traditionally the sort that would have an infosec department (like someone who makes fridges) decides to buy IoT integration off the shelf from some random Shenzhen tat merchant, as the company simply isn't geared up to handle any sort of reporting of security issues and respond to them in an adequate way.

There is zero chance I'd be opening ports through to a CCTV recorder or leaving UPnP enabled for the devices to do it themselves. If you want to access stuff inside your network on the move then use a VPN.

kitfit1 · 27 Apr 2017 at 19:46

They are only as unsecure as we allow them to be. For the average "joe public" that wants his fridge to tell him he is low on milk......................that's something he will never think about. Much in the same way most peeps never think about the security of a smart TV.

Rroff · 27 Apr 2017 at 19:50

If what is going around on some darker corners of the internet is true then some people are putting a huge amount of work into being able to infect IoT devices with a crypto payload which can then reinfect a network later (potentially over and over) after you think you've cleaned out the infection when it first appears.

I can't stress enough if you have important data make sure you have offline copies that can be write protected and/or cloned to recover from.

pc-guy · 1 May 2017 at 21:57

I always have a feeling that we are always going to be on the loosing side of this battle. The hackers just get better with each cycle. their coding gets more sophisticated along with the increase in software advances, hardware capabilities and ultimately capacity of the net.

Fishpan · 6 May 2017 at 15:22

Used to work for a major electronics retailer that would always get us to push sales of IoT. Very difficult when so many of the public are more concerned about privacy than the gimmicky features offered by many IoT products.

Nikumba · 8 May 2017 at 11:42

This is why in the process of changing my network around so any IoT devices and things like Alexa are going on their own external VLAN

Sp00n · 8 May 2017 at 12:02

Security is seemingly an afterthought with IoT, it's all well and good being technically savvy enough to mitigate this by segregating the devices but the average user doesn't 1) care 2) know how, so they just get plonked on the network with everything else.

Fishpan said:
Very difficult when so many of the public are more concerned about privacy than the gimmicky features offered by many IoT products.

That's actually quite refreshing to hear if that's true.