Security flaws were revealed within the firmware of Samsung‘s SmartThings Hub. Cisco Talos issued a blog on multiple vulnerabilities. As Jeremy Cowan reports, this is not the only IoT security flaw exposed recently. No surprise then, that enterprises are getting twitchy about the security of their future IIoT services.
Talos finds Samsung Smart Things vulnerability
Cisco Talos has been working with Samsung to ensure that these issues have been resolved and that a firmware update has been made available for affected customers.
The hub is a central controller that allows smartphone-equipped users to monitor and manage various Internet of Things (IoT)-enabled household electronics. These include: light bulbs; heating, ventilation & air-conditioning (HVAC) systems; door locks, and so on. These vulnerabilities could allow an attacker to execute operating system (OS) commands or other arbitrary code on affected devices.
The firmware running on the SmartThings Hub is Linux-based and allows for communications with IoT devices using a variety of different technologies such as Ethernet, Zigbee, Z-Wave and Bluetooth.
The flaw has been disclosed to Samsung who now have a fix available, but the vulnerabilities are said by a Cisco Talos spokesperson to be “quite severe”.
Given that these devices often gather sensitive information, the vulnerabilities discovered could enable an attacker to monitor and control devices within the home or business, or to perform unauthorised activities. For example:
Smart locks controlled by the SmartThings Hub could be unlocked, allowing for physical access to the home.
Cameras deployed within the home could be used to remotely monitor occupants.
Motion detectors used by the intruder alarm system could be disabled.
Smart plugs could be controlled to turn off or on important systems that may be connected.
Thermostats could be controlled by unauthorised attackers.
Attackers could also cause physical damage to appliances or other devices that may be connected to smart plugs deployed within a smart building.
Swann’s home security cameras hijacked
At the same time last week, news was breaking that Swann’s security cameras could easily be hijacked and their video and audio feeds accessed. The popular brand of wireless security camera — designed to safeguard businesses and homes — was, in fact, vulnerable to a spying hack.
The flaw meant it was possible to access video and audio streamed from other people’s properties by making a minor change to Swann Security‘s app. Researchers found the problem after the BBC reported a case where one customer had received another’s recordings.
Responding to the new findings, Swann has told the BBC that the problem was confined to one model, the SWWHD-Intcam, also known as the Swann Smart Security Camera.
Commenting on this, Adam Brown, manager of security solutions at California-based Synopsys, an application security testing company, tells IoT Now: “I personally have experience with Swann cameras – I used to have one, albeit different from the one in the report. I found that the camera feed itself could be accessed directly from the network the camera was on, and there was some access control over that video feed – a hardcoded password, as I remember – this is bad practice.
“If that camera was placed directly on the internet (not behind a firewall) then prying eyes could potentially see what my camera could see. Obvious lax security controls indicate systemic failings. Without speculating on the technicalities of what went wrong here, I would surmise that the software security initiative at Swann is either lacking or could benefit from some deliberate improvement driven from management. The camera market is catching up in cybersecurity. Leading Chinese manufacturers are integrating privacy and security into their cameras and infrastructure. Privacy and security are going to be vital for the camera industry, itself placed as a security solution,” Brown adds.