Cheap Web Cams Can Open Permanent, Difficult-To-Spot Backdoors Into Networks

An anonymous reader writes: They might seems small and relatively insignificant, but cheap wireless web cams deployed in houses and offices (and connected to home and office networks) might just be the perfect way in for attackers. Researchers from the Vectra Threat Lab have demonstrated how easy it can be to embed a backdoor into such a web cam, with the goal of proving how IoT devices expand the attack surface of a network. They bought a consumer-grade D-Link WiFi web camera for roughly $30, and cracked it open. After installing a back-door to the Linux system that runs the camera, and then turning off the ability to update the system, they had an innocent seeming but compromised device that could be stealthily added to a network environment.

Re:You get what you pay for

I agree, but:
This article is good because it lets us (the good guys) send a link to this article to the ignorant guys (managers etc), so that a sense of urgency is formed. Then maybe we are allowed to allocate resources to protect ourselves - at least from the script-kiddies and the semi bad guys.
(For the really skilled bad guys, even many professional organisations will fail in the long run)

Router lockdowns and monitoring

[Todd+Knarr]

This is one reason to segregate devices and have firewall rules that control which devices can make outgoing connections. That way you can insure IoT and other devices that have no business talking to the Internet can't talk to the Internet.

I also run a monitoring job that collects MAC addresses and associated IP addresses from the router's ARP cache and reports on unexpected changes. It doesn't make it impossible to slip a device onto my network without it being noticed, but it takes a fair amount more work that the likely intruders won't be putting forth. It also helps find the MAC addresses of new equipment that doesn't like to say what it's MAC address is.