any wireless sensor data without encryption and with standard passwords can be hacked

“By sniffing 802.15.4 wireless traffic on channels used by Sensys Networks devices,” Cerrudo wrote in an advisory (.pdf) he sent to the Department of Homeland Security’s ICS-CERT division last year, “it was found that all communication is performed in clear text without any encryption nor security mechanism. Sensor identification information (sensorid), commands, etc. could be observed being transmitted in clear text. Because of this, wireless communications to and from devices can be monitored and initiated by attackers, allowing them to send arbitrary commands, data and manipulating the devices.”

In this interesting article it is about the traffic lights but that counts for any sensor that is working under these premises.


The comments are closed.