Are IoT Firmware Vulnerabilities, Backdoors Intentional?
Firmware vulnerabilities, backdoors, and more are explored with ReFirm Labs’ co-founder Terry Dunlap in this episode of the The CyberWire Daily Podcast. Jump to 5:00 in the podcast to hear the really good stuff!
What Is Firmware?
Just like an operating system–OS X, Windows, Linux–runs your computer or laptop, firmware is a stripped down version of a much larger operating system typically designed to operate one piece of hardware for a very specific purpose.
A perfect example is the wireless router in your home. The router is a single purpose machine, or piece of hardware, you typically set up once and let it run. Your wireless router is running firmware.
Firmware Vulnerabilities: Backdoors into Your IoT Devices
Firmware can be hacked and embedded with malware. Hackers can manipulate firmware vulnerabilities to gain access through IoT devices. Since many IoT devices do not contain secure firmware, hackers and nation-state actors often gain access to networks, gather sensitive information, or conduct intellectual property theft.
Keep Up with Firmware Vulnerabilities to Reduce Risk
Companies that keep their IoT and firmware security up-to-date won’t have to worry about remote attacks and hackers gaining access to their networks through their IoT devices. But keep in mind… one overlooked IoT device could grant access to your network.
The CyberWire Podcast.
Check out the CyberWire Podcast episode below. Terry discusses vital aspects of IoT security, firmware vulnerabilities, and backdoors that can plague a company that doesn’t have the right safeguards in place for its IoT devices.
Check it out below!
Click here to learn more about firmware security.
IoT Security Compliance. IoT Security Standards. IoT Security Frameworks. All new buzzwords that are picking up steam. So imagine our surprise when we talk to IoT device manufacturers about why they continue to ship products with bad security and the reason they don’t fix it.
One of our favorite new capabilities in the Centrifuge Spring ‘20 release is Firmware Differencing. This is how to compare two binary files quickly and efficiently for Linux, QNX, and VxWorks. But that’s not all it compares!
With all of these certification standards and compliance regulations, conducting product cyber-security assessments quickly becomes very complicated and expensive. Here’s how to save time and money.