Reading some information online, I come across a recent project from Princeton University, they have released a tool called IoT Inspector which analyzes the security and privacy of IoT devices. Now the results as im sure you can imagine are very shocking, they have already used the tool to study a wide range of available devices, you can read the full post on there blog here.
However a very brief summary of what they found is basically that IoT devices lack basic encryption and authentication, user behavior can be interfered with, many IoT devices contact large and diverse third parties and smart home device traffic is predictable. I guess a lot of use had an underline thought that this sort of thing happened, but some of the actual results are a little surprising, below is a brief summary of some of the IoT devices and what it is they do.
The Mirai botnet used hacked IoT devices to conduct distributed denial of service (DDoS) attacks on critical Internet infrastructure. Most owners of these devices had no idea that their security cameras or DVRs were participating in the attack. Is this the new attack surface we are now looking at, maybe a lot of this is of no surprise but its surley now something that needs addressing in the world we live in before sky-net takes over the world and we are forced to live underground 🙂