You might be risking your privacy, and even physical security, if you use a next-generation switch to control appliances in your home.
In analyzing several IoT devices, Bitdefender found the Wi-Fi-enabled WeMo Switch is vulnerable to weak access point authentication and may leave users without their private Wi-Fi credentials.
The WeMo switch can turn plugged-in electronic devices on or off remotely and includes scheduling and IFTTT automation capabilities. The product has over 2,000 five-star reviews on Amazon, and the mobile app, WeMo, boasts over 100,000 downloads on Google Play.
Coincidentally, in 2014, the device was the subject of a hacking experiment which took advantage of encryption keys and cloud services to push malicious firmware updates and capture credentials. At the time, the company said it would update its software to add SSL encryption and password-protect the serial port interface to prevent a malicious firmware attack.
Going after the password
When the device is configured, all data is transmitted in plain text, except the Wi-Fi password. However, the password is encrypted with a symmetric 128-bit key.
The Wi-Fi password is secured with an AES key derived from the MAC address and the device ID. Since the device ID and MAC address are transmitted in clear, researchers have all the elements for decryption at their fingertips. Using a decryption tool, they have managed to reverse engineer the key generation algorithm, recover the password and got inside the network.
Device MAC and SSID
The authentication and traffic encryption flaws that often afflict IoT systems are known in the security industry but, despite this, mitigation is often neglected,”says Radu Basaraba, malware researcher at Bitdefender.
In particular, authenticating IoT actors with proper mechanisms and standards is essential for the future of IoT. “Although lack of authentication seems like a minor mistake, it ultimately leads to jeopardizing users’ confidence in vendors and the IoT landscape itself,“ Basaraba says. “IoT vendors need to prioritize security before their devices become hugely popular, leaving millions of people at risk of cyberattacks.“
Researchers from Bitdefender Labs have investigated a random selection of IoT devices- – a smart LED, a Wi-Fi enabled switch, a Wi-Fi audio receiver and a smart power adapter. Note: the scrutinized gadgets have been chosen randomly, based on popularity, product reviews and price affordability.
This article is based on the technical information provided courtesy of Bitdefender researchers Dragos Gavrilut, Radu Basaraba and George Cabau.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.