Years ago, baby monitors were able to listen in on remote telephones in people’s homes. This may still be the case, only in reverse. Current baby monitors include interactive devices that allow parents to both listen to and watch their precious little one. They can even talk to their babies remotely. That is very cool, but it may come with vulnerabilities.
Many variants of smart devices have been identified as being at risk from cyber intrusion. Devices of concern include security cameras, DVRs, and, yes, even baby monitors. The vulnerability means that hackers may be able to access live video and audio streams over the Internet. The vulnerability is not tied to a specific device manufacturer, since the flaw relates to a software development kit used by many vendors across 83 million smart devices. These devices are making over one billion connections to the Internet per month.
The software is ThroughTek Kalay, which provides a plug-and-play system for connecting smart devices with their corresponding mobile apps. The Kalay platform brokers the connection between a device and its app, handles authentication, and sends commands and data back and forth.
The affected ThroughTek P2P products may be vulnerable to improper access controls. This vulnerability can allow an attacker to access sensitive information (such as camera feeds) or perform remote code execution. The weakness therefore relates to Kalay functionality that enables coordination between a security camera and an app that can remotely control the camera angle.[1]
The Kalay vulnerability has exposed millions of IoT devices and it was detected by security advisers and reported to the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.
Looking at the incident for Digital Journal is the CEO of Jumio. According to the CEO, this attack introduces special types of dangers and these will be of concern to parents. Jumio says, “While this vulnerability is harmful to anyone with a smart device linked to the Kalay platform, it’s particularly concerning that baby monitor feeds are involved.”
On the specific risk, Jumio notes, “Through a simple social engineering tactic like phishing, hackers can extract a device’s identifier and obtain its unique credentials. From there, criminals can take full remote control of the device to watch live video feeds, install malware or download footage and leverage it for malicious purposes.”
To prevent these types of attacks in the future, Jumio believes strongly that a new form of identification is needed. Here they recommend: “While this vulnerability is a serious lapse in security, usernames and passwords in general can no longer be trusted as a secure form of authentication in today’s fraud environment. Instead, IoT companies must leverage biometric authentication, using a person’s unique human traits to verify identity, to ensure smart devices and their connected online accounts can only be accessed by authorized users.”
At Red Sky Alliance, we can help cyber threat teams with services beginning with cyber threat notification and analysis. IoT compromise is a serious concern. Additionally, ransomware is truly a serious concern worldwide. Our analysts are currently monitoring and collecting on 65+ dark web forums, 20 ransomware forums, 49 forums and marketplaces: of which 25 are forums [info only] and 24 are marketplaces [stolen data]. We can help identify personal and company information being sold on the Dark Web and help protect all levels of a company to avoid any network disruptions. Our analysts are currently monitoring for these types of TTPs in the underground.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
REDSHORTS - Weekly Cyber Intelligence Briefings
[1] https://www.digitaljournal.com/tech-science/baby-monitors-caught-up-in-the-latest-cybersecurity-incident/article#ixzz74YiF8Hwa