Researchers have found that a popular Internet of Things real-time operating system – FreeRTOS, run by AWS – is riddled with serious vulnerabilities. The bugs could allow hackers to crash connected devices in smart homes or critical infrastructure systems, leak information from the devices’ memory, and take them over. John Grimm, Senior Director of IoT Security Strategy at Thales eSecurity, comments:
As we move forward, we expect security to play an enormous role in allowing the IoT ecosystem to reach its full potential. However, with great power comes great responsibility, and failure to build and manage these devices correctly can leave people exposed to large scale cyber-attacks.
With consumers prioritising convenience and functionality over security when it comes to IoT – six in ten (57%) do not change the default security settings on their digital assistants for example – it’s down to manufacturers to ensure security is built-in, not bolted on, and embedded into devices at the point of manufacture.
Flaws in the underlying operating system represent another entry point for cyber criminals, so it is crucial that manufacturers provide capabilities to update their products with verifiable, authentic patches to stay one step ahead and protected from security threats.