Belkin WeMo Insight smart plugs vulnerable to attack

29 Apr 2019

Cybersecurity firm McAfee is suggesting that the Belkin WeMo Insight smart plug could be vulnerable to malware attacks – and Belkin has taken a very long time to fix the problem.

Earlier this month, McAfee head of advanced threat research Steve Povolny came out swinging against Belkin. He claims that in May 2018 his team warned Belkin of a vulnerability (CVE-2019-6692) that could be exploited by an attacker to turn off the switch, overload it, or connect to the switch’s network to become an entry point to a larger attack.

Despite Belkin’s acknowledgement of the vulnerability, it seems the company never did anything about it. Instead, they apparently patched a vulnerability in an entirely different product that doesn’t appear to be on the market anymore.

Three months later, McAfee publicly disclosed the vulnerability to raise awareness that there is a definite security issue with the WeMo Insight smart plug. Still, Belkin did nothing about it, according to Povolny.

“As of April 10th, 2019, we have heard of plans for a patch towards the end of the month and are standing by to confirm,” he writes in a blog – but there doesn’t seem to be any hard evidence or a release date yet.

So it has taken almost a year for Belkin to do something about it – and all that time, the vulnerability has remained exploitable. Povolny also suspects that malware authors are incorporating the WeMo Insight vulnerability into IoT malware, because the devices remain unpatched. Bashlite is one such malware family that is already compromising IoT devices.

“As this vulnerability requires network access to exploit the device, we highly recommend users of IoT devices such as the WeMo Insight implement strong WIFI passwords, and further isolate IoT devices from critical devices using VLANs or network segmentation,” Povolny writes.

He also points out that IoT devices are prime targets for security issues, and companies like Belkin should be quick off the mark to fix issues, especially when attackers keep track of vulnerabilities that they can weaponise.

He adds that consumers should also apply basic security measures like keeping on top of product updates, using strong passwords, and keeping critical devices away from the IoT.

What’s more, those who use their work devices on home networks should also be concerned.

“Just because this is an IoT consumer device typically, does not mean corporate assets cannot be compromised. Once a home network has been infiltrated, all devices on that same network should be considered at risk, including corporate laptops. This is a common method for cyber criminals to cross the boundary between home and enterprise.”
