Tripwire researcher Craig Young said a series of flaws he recently found in Ruckus routers – making them vulnerable to several security issues – is representative of the security problems found in many consumer connected devices.
Young wrote about the Ruckus research in a recent blog post, but told SCMagazine.com at Black Hat that Ruckus and other consumer electronic manufacturers are doing a poor job hardening their devices to cybersecurity threats and that this leaves consumers vulnerable.
Young said that while he expects to find some security issues in consumer devices, he is surprised when enterprise-level products designed to protect major organizations are also flawed.
In Ruckus' case, the flaws could lead to the router being used in DDoS attacks, or the DNS setting could be changed – setting it up for a phishing attack.
In general, Young believes consumers need to consider a gadget's security capabilities before making a purchase, much in the same way they would look at any other feature prior to purchase.
For more with Craig Young please see the video.