Both proponents and critics of internet of things (IoT) connected devices have long questioned their security, at least from a hacking standpoint. From Nest thermostats that were intentionally hacked to prove a point to the potential for insulin pumps and glucose meters to be manipulated with life-threatening consequences, there have been more questions than answers for quite some time.
Of course, the cybersecurity industry got at least one definitive answer earlier this year when IoT-connected devices were hijacked and used in a DDoS attack that temporarily crippled several major websites. The quick and easy answer became yes, IoT poses a security risk that we might not have taking into consideration.
But a new finding has uncovered another area for concern, and that’s the unsecured routers that several telecom companies in Europe have issued, many of which consumers received in order to connect their IoT devices. Dan Goodin for Ars Technica outlined the issue, and reported that companies in Germany and Ireland were providing routers with unsecured ports:
“Routers provided to German and Irish ISP customers for Deutsche Telekom and Eircom, respectively, have already been identified as being vulnerable, according to recently published reports from researchers tracking the attacks. The attacks exploit weaknesses found in routers made by Zyxel, Speedport, and possibly other manufacturers. The devices leave Internet port 7547 open to outside connections.”
So far, the estimates on the number of affected vulnerable routers reaches well into the tens of millions, with updates continuing to be posted. Owners of the impacted routers have been warned to reboot and install a patch, but the directions are not as straightforward as simply updating your web browser. In the meantime, keeping an eye on which devices you’ve got in use – and monitoring outcomes like the loss of battery power in Nest following its attack – can help keep you aware of any breaches.
Keep up to date with the latest security programs. Download hand picked software now on FileHippo.com.