McAfee Labs’ revealed new vulnerabilities within common IoT devices – BoxLock and Mr. Coffee coffee machines – which team has gave cybercriminals direct access into the personal data and homes of consumers.
A vulnerability within BoxLock, a smart padlock designed to protect deliveries, enabled hackers to remotely unlock the device in just a few seconds by using the built-in barcode scanner.
Additionally, McAfee uncovered a vulnerability within the Mr. Coffee Coffee Maker with Wemo that gives hackers a back door to access home networks.
As the Internet of Things (IoT) grows and smart devices gain popularity, McAfee warns consumers and businesses alike that cybercriminals will continue to find new ways to exploit all connected things.
“Cybercriminals are relentless, and as long as we continue to connect devices to the internet, they will continue to search for ways to exploit them,” said Raj Samani, McAfee fellow and chief scientist.
“Vulnerability disclosures can be frightening for both the consumers using connected devices and the organisations that create them. Cybersecurity researchers, businesses, and consumers are working together to expose and eliminate these vulnerabilities and keep us all a step ahead of the bad guys.”
While there is no way to predict the future of IoT attacks, McAfee offers consumers and businesses tips to ensure devices and data are protected from such vulnerabilities:
3 Steps for consumers to protect IoT devices
Set-up a secondary network for your IoT devices that doesn’t share access to your primary network and the devices and data connected
Consider getting a router with built-in security features, making it easier to protect all the devices in your home from one access point
Set your device to auto-updates so you always have the latest software and be sure to change all default passwords once you purchase a new device