Consumer devices that connect to the Internet are plagued by poor encryption and backdoors that could allow easy access to cybercriminals, according to new research being presented this week at the 23rd Usenix Security Symposium in San Diego.
Researchers from Eurecom, a French graduate school, conducted the first large-scale analysis of firmware — the coding that manages interactions between software and hardware — focusing primarily on wireless routers, printers and security cameras.
For the study, they developed a web crawler that retrieved firmware files from the websites of manufacturers of 32,000 widely used consumer devices, including products made by Siemens, Xerox, Bosch, Philips, D-Link, Samsung, LG and Belkin.
Researchers found that coding within firmware is often outdated. They estimate that the vulnerabilities revealed in their findings potentially affect more than 140,000 types of devices that connect to the Internet.
The researchers plan to develop an online firmware unpacking and analysis service that will “help shed some light on the security of embedded devices.”
Read the full study HERE.