McAfee researchers uncovered on Monday two new vulnerabilities within connected devices that allow hackers access to the personal lives of consumers.
A vulnerability within BoxLock smart padlock enables hackers to unlock the device within a few seconds, and a vulnerability within the Mr. Coffee brand coffee maker with Wemo grants hackers access to home networks.
As the Internet of Things (IoT) grows and smart devices gain popularity, McAfee warns consumers and businesses alike that cybercriminals will continue to find new ways to exploit all connected things.
McAfee is committed to threat research and applauds businesses that quickly remediate disclosed vulnerabilities to provide more secure products to their customers.
While there is no way to predict the future of IoT attacks, McAfee offers consumers and businesses tips to ensure devices and data are protected from such vulnerabilities.
Consumers have been advised to set-up a secondary network for IoT devices that doesn’t share access to primary network and the devices and data connected thereto. They must also consider getting a router with built-in security features, making it easier to protect all the devices in the home from one access point; and set the device to auto-updates so that users always have the latest software and be sure to change all default passwords after purchasing a new device.
For businesses to secure customers, McAfee has invested in security early in the development of products and assume that at some point you will run into a vulnerability that needs to be addressed right away. Be sure to constantly monitor products for potential vulnerabilities and access points for cybercriminals.
It further cautioned enterprises to keep all computers and devices protected by using robust security software that can help safeguard private information and protect from threats. When faced with a vulnerability, be proactive and transparent in addressing the issue, and engage with the security research team for the fastest path to remediation.
“Cybercriminals are relentless, and as long as we continue to connect devices to the internet, they will continue to search for ways to exploit them,” said Raj Samani, McAfee fellow and chief scientist. “Vulnerability disclosures can be frightening for both the consumers using connected devices and the organizations that create them, however, the process is an essential component of creating a safer future. Cybersecurity researchers, businesses, and consumers working together to expose and eliminate these vulnerabilities keeps us all a step ahead of the bad guys.”
