"Mandiant, CISA Urge ThroughTek Customers to Fix Software Bug in Millions of Baby Monitors, Cameras"
Researchers at FireEye's threat intelligence and incident response unit, Mandiant, have discovered a software flaw that leaves millions of Internet of Things (IoT) devices vulnerable to remote attacks. Attackers could use this vulnerability to intercept audio and video data on devices such as baby monitors and web cameras. The vulnerability exists in a software protocol made by the Taiwan-based IoT vendor ThroughTek, whose customers include the Chinese electronics giant Xiaomi. According to ThroughTek, 83 million devices of other brands use its software.

To exploit the flaw, an attacker would need comprehensive knowledge of the software as well as the unique identifiers used by the targeted device. Such access could allow an attacker to communicate with devices remotely, potentially leading to follow-on attacks. The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) plans to issue a public advisory about the security bug. An employee on ThroughTek's Product Security Incident Response Team said that customers affected by the vulnerability were notified and advised on how to minimize the security risks it poses. Because original equipment manufacturers (OEMs) and resellers integrate the ThroughTek protocol in different ways, the actual number of affected devices is difficult to determine.

Mandiant calls on users to update their software and to take extra steps to mitigate the risk of the vulnerability being exploited by malicious actors. This article continues to discuss the software bug exposing millions of IoT devices to attacks, the ongoing struggle to secure IoT devices, and efforts to require IoT vendors to follow minimum security standards.