Ring camera doorbells gained fame for catching porch pirates steal packages but after several high-profile cases where hackers gained control of them they are being held up by the cybersecurity industry as a prime example why companies and homeowners need to take IoT security seriously.
cases revolve around malicious actors hijacking these devices and using them to
communicate with people inside the home. In an incident in Mississippi a
malicious actor used an internal Ring camera to talk to a young girl using racial
slurs and back in October another hacker gained control of a Nest camera and
threatened to kidnap a baby.
It is believed in each case the malicious actors took advantage of the device’s poor security to gain access. In the case of the Ring camera, which his owned by Amazon, the company recommended to those buying or who already have a Ring to not reuse old passwords and to implement MFA to make it more difficult to hack.
devices up to date with secure logins and having the latest security patches is
now a must for anyone who has installed this or any type of IoT said Avast Vice
President Leena Elias.
people now need to be able to assess the security of new tech devices that
could be used against them,” We need to use a wide variety of security measures
to ensure that devices connected to our home networks are secure,” she said,
adding to not forget about the home’s router which is frequently shipped with a
standard admin login that needs to be changed.
One of the reasons consumers don’t update is that they are simply unaware of the need and the benefits of doing so. Another factor is difficulty. Gaining access to the admin functions is not always a simple matter for the average person.
studies in the financial industry have found consumers are willing to embrace
more engagement around fraud prevention if it means their information is
secured (think: multi-factor authentication.) However, if consumers aren’t
aware of the benefits associated with taking more control, they leave
themselves vulnerable to malicious attacks. Sherif Samy, senior vice president,
North America for Entersekt.