Security researchers announced that they have discovered Chinese IoT devices containing a hidden backdoor. This enables access by the manufacturer and leaves the devices open to exploitation by others, which despite the researchers following the responsible disclosure process, has repeatedly been left exposed by the vendor. Zach Lanier, research director at Cylance commented below.
Zach Lanier, Research Director at Cylance:
What’s frustrating about this particular instance is the vendor’s response to Trustwave’s findings: “security through obscurity” is not the way to go, nor is cutting off communications with researchers who are trying to disclose something. Trying to “hide” something like this is what brings about the “Streisand Effect” – it will only draw more attention.
Chances are high that we’ll continue to see more of the same as far as backdoors go, especially as IoT-esque devices proliferate.”
The opinions expressed in this article belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.