A newly-discovered vulnerability is leaving over 5 billion IoT devices open to a Bluetooth cyber-attack dubbed “BlueBorne,” according to IoT enterprise security company Armis – meaning that hackers could take over the devices, spread malware, or gain access to critical data and networks.
Steve Brumer, partner at 151 Advisors, comments:
“The vast majority of security compromises are due to devices that have identified vulnerabilities with patches available, but they have not been updated. Currently, there is no checklist or approval process to indicate that a device meets such standards. Every restaurant has a rating of 0 – 100 at the front door, but home cameras don’t have a rating system that indicates if a device is future proof for security threats. Can it receive OTA updates? Can the device check for patches every week? Who is ultimately responsible for updating the device?”
“The most secure device would look for new patches every day and the burden to update the device would be on the manufacturer. A less secure device would require the end user to check for patches and manually update the device, which in reality would never happen.”
“If you ask most consumers who is responsible for updating the software on their home cameras, those in the tech industry will not know and those who are not tech savvy may reply ‘What? There is software in the camera?’”