According to the latest IoT information, the security researchers of Barracuda Networks recently scrutinized an internet-based security camera for illustrating the increasing security vulnerability of IoT credential compromise.
The study points out that the threats in the mobile and web applications of the IoT devices can easily be exploited for stealing credentials and compromising the connected devices. With no direct connection with the actual device, the team identified several threats in the mobile app and web app ecosystem of the camera.
The researchers said in a statement that these vulnerabilities could affect the other kinds of IoT devices as it takes benefits from how the device interacts with the Cloud.
For these reasons, Barracuda believes that the IoT products must be examined regularly and all their security reviews should be published just like the safety ratings of motor vehicles. This will, in turn, help the consumers and business enterprises in making better decisions while choosing the products.
The researchers said that though necessary enhancements have been carried out for curbing the potential security risk concerns of the IoT devices, certain vulnerabilities remain.
The Barracuda Labs team particularly highlighted the vulnerability of the compromise of IoT credential by demonstrating that the attackers can use threats in the mobile and web apps used by some IoT devices for obtaining credentials that can be used for viewing video feeds, removing saved videos from Cloud, and reading account information.
Giving his statements on the findings of this research, Jason Hart, the CTO of Data Protection at Gemalto, said in a statement that without any consistent directive guiding the industries there is no provision for controlling these ever-increasing vulnerabilities and threats.
He said, “This will only continue unless governments step in now to help industry avoid losing control.”
**This post was published on www.sdxcentral.com