UAE based Cybersecurity company finds vulnerabilities in IoT and Smart devices – Highlighting the dangers for consumers and businesses

Urges consumers and businesses to understand the risks of “smart” devices and to protect themselves

Mobilk - ( ME NewsWire) So called “Internet of Things” (IoT) or Smart devices seem to be all the rage these days – both in the press and the market. IoT is predicted to be a multi-billion dollar wave of technology coming in over the next few years – with everyday devices being connected to each other and service providers, to make life easier. 

While there are certainly advantages to IoT and Smart devices, they are also a very attractive area for hacking and privacy breaches. At a regional security tradeshow, Managed, a UAE based cyber security company recently showcased how vulnerable the IoT systems and Smart consumer electronics are to hacking and being breached. 

Managed security analysts hacked into and compromised latest brand-name Smart consumer electronics, children’s games and toys, computing devices and industrial equipment. The objective of this exercise was to raise awareness in the market about the dangers lurking in these devices and how to mitigate the risks. In the field, Managed engineers have routinely found connected devices being deployed without proper security and hardening processes. 

Users need to realize that these IoT and Smart devices are full-fledged computers that require the same level of patching and security management, as their regular PCs and communication devices. 

The other serious issue is the amount of information being sent back by the connected Smart devices to the manufacturer or the service provider. As the number of devices being deployed in the field increases, manufacturers are adding more services to generate revenue. Packet data analysis of traffic going from the devices back to the manufacturer shows very detailed information being sent back. 

Managed recommends that companies and consumers should be mindful of security and privacy when deploying these new technology devices at work and in their homes. The first step is to change the default passwords for Admin level to complex passwords and then update the firmware with the latest version so that the Smart device can be more secure. 

Users should carefully check the options in the setup menus to ensure that their privacy is maintained. Managed analysts however warn that selecting privacy options is still not a guarantee that user’s private information is not being sent back. Companies should also think through the security implications and if possible isolate the IoT equipment from their main corporate networks.