On the security of IoT devices

According to Cisco’s Annual Internet Report, nearly two-thirds of the global population will have Internet access by 2023. The number of devices connected to IP networks will be more than three times the number of people in the world. The consumer segment will have a nearly three-fourths share of total devices and connections. Moreover, IoT devices will account for 50 percent of all networked devices, and about a third will be wireless.

On the other hand, there has been a rise in the number of people working remotely due to the global pandemic during the last years. Because of this, the security of a company’s network can also depend on the security of the home network of its employees. However, home networks are far from hardened, and most consumer internet-connected devices have a reputation for being vulnerable.

After reflecting on these observations, Faraday’s research team has embarked on a new mission to find and report security vulnerabilities in IoT devices. We invite you to read the first in a series of posts that will discuss the vulnerabilities we find and the techniques and lessons learned along the way: Bypassing password protection and getting a shell through UART in NEC Aterm WR8165N Wi-Fi router. We opted to share our insights since it’s in our best interest to boost the knowledge of the community about these devices’ inner workings to facilitate vulnerability discovery and, in consequence, make this ecosystem more secure.

Check out the first part👇

• Bypassing password protection and getting a shell through UART in NEC Aterm WR8165N Wi-Fi router

Sources:

• https://www.cisco.com/c/en/us/solutions/collateral/executive-perspectives/annual-internet-report/white-paper-c11-741490.html

Are you interested in our products? Check out our free version, right here. ⚡🚀