Examining IoT Security WeaknessesTJ O'Connor Says Consumers Flying Blind When Buying IoT Devices
Many IoT devices sold today don’t meet minimum security standards, and much effort is being devoted to making IoT devices more secure.
See Also: The Security Testing Imperative
TJ O'Connor, an assistant professor and head of the IoT Security and Privacy Lab at the Florida Institute of Technology in Melbourne, Florida, says the resource constraints on IoT devices prevent clear insight into exactly what devices are doing, such as turning on cameras or microphones.
"You have to trust the manufacturer isn't doing those things for malicious purposes, but what we've started to see is a wealth of attacks that indicate otherwise," O'Connor says.
His IoT lab recently discovered a series of vulnerabilities in Geeni-branded smart home video cameras and doorbells made by Merkury Innovations. The devices are sold at the U.S. in retailers that include Walmart, Amazon and Home Depot (see Flaws Found in Geeni Smart Doorbells, Security Cameras).
In this video interview, O'Connor discusses:
- Vulnerability and long-term support trends around consumer IoT devices;
- Why transparency and control is important for ensuring IoT security;
- How O'Connor's lab investigates IoT devices.
O'Connor is an assistant professor, head of the IoT Security and Privacy Lab and also cybersecurity program chair at the Florida Institute of Technology in Melbourne, Florida. O'Connor is a retired U.S. Army officer who taught digital forensics and computer exploitation at the U.S. Military Academy at West Point.