Half a Billion Smart Devices Vulnerable to Decade-Old DNS Rebinding Attacks

If you use “smart” connected devices at your home or office, then those Internet of Things (IoT) devices are at risk of an attack that is nearly ancient in tech-years, as it has been around since 2007.

Previously this year, it came to light that Google Home, Roku, Sonos, Chromecast, smart home Radio Thermostat CT50 & CT80 and all Blizzard games were vulnerable to DNS rebinding attacks. Now IoT security vendor Armis warns that nearly half a billion “smart” devices are vulnerable to the decade-old DNS rebinding attack vector.

The vulnerabilities are “everywhere.” Due to the wide variety of about 496 million vulnerable devices – printers, smart TVs, streaming media players and speakers, IP cameras, IP phones, switches, routers and access points – Armis warned that “nearly all enterprises are susceptible” to DNS rebinding attacks, which give remote attackers a way to get around firewalls and gain access to vulnerable devices on a local network – devices that were never meant to be accessed by the public.

Read more at CSO

Homeland Security Today

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

See Full Bio