Today at Mobile World Congress, Yossi Atias, General Manager for IoT Security at Dojo by BullGuard, took the stage to demonstrate a live hack of the Amazon Ring video doorbell, exposing a previously unknown vulnerability in the popular IoT device.
The hack revealed that unencrypted transmission of audio and/or video footage to the Ring application allows arbitrary surveillance and injection of counterfeit video traffic, effectively compromising home security and putting family members’ safety at risk.
The Ring video doorbell vulnerability lies between the cloud service and the Ring mobile application. In the Ring video doorbell hack, Atias was able to change the video feed so that the end user ‘believed’ they were seeing someone they knew and had let in previously.
“Ring is a well-respected IoT brand; however, the vulnerability we discovered in the Ring video doorbell reveals even highly secure devices are vulnerable to attack,” said Atias. “This particular vulnerability is complex because it is between the cloud and the Ring mobile app, and is acted upon when the Ring video doorbell owner is away from home – meaning the package delivery person, housecleaner or babysitter might not actually be the same person at your door. Letting someone you ‘think’ you know into your home could potentially have dire consequences, particularly if your kids are at home.”
Spying on the doorbell allows sensitive information to be gathered – household habits, names and details about family members, including children – all of which make the target easy prey for future exploitation. “Security is only as strong as its weakest link,” added Atias. “When handling sensitive data like a video doorbell, secure transmission is not a feature, but a must – particularly as the average consumer will not be aware of any tampering.”
The Ring video doorbell vulnerability was found during routine ethical hacking, in which the Dojo by BullGuard cyber research team examines various IoT devices to constantly improve the ability of the Dojo Intelligent IoT Platform (DIP) to defend against potential vulnerabilities. Amazon has already released a new version of the Ring mobile app in which this vulnerability has been fixed, and the device is now safe from this kind of attack.