Amazon Fixes Security Flaws Found in Web Services and Connected Devices

Recently, Amazon fixed 13 security flaws found in an operating system used for FreeRTOS, Amazon Web Services (AWS), and connected devices. The flaws allowed intruders to crash devices, leak their memories, and run code remotely. As FreeRTOS is used in devices like cars, aircrafts, and medical devices, it is particularly important that Amazon improve its cybersecurity. Devices connected to the outside world are likely to be the victims of cyber attacks.

Zimperium, a mobile security company, initially found the flaws and disclosed them to Amazon. As of this posting, technical details of the flaws are not available, although they must be revealed within 30 days according to FreeRTOS’ open source license. Once the details are released, smaller outlets can begin to update their security, according to Zimperium. Now, Zimperium is working with Amazon to fix the flaws that they found. They’re also offering help to consumers who think their products might be vulnerable to cyber attacks.

amazon-security-connected-devices
Amazon Fixes Flaws in Connected Devices

Zimperium’s investigation is part of a ongoing project to research Internet of Things (IoT) devices. FreeRTOS, a market leader in the IoT market, has been used by over 40 hardware platforms in the last 14 years alone, says Zimperium. AWS oversees FreeRTOS and its components, hoping to provide cybersecurity so web developers can focus on their product.

Amazon is no stranger to security issues on connected devices. Last April, a security testing company called Checkmarx developed a skill which would allow the Amazon Echo to secretly record and transcribe what the user is saying. After disclosing this skill to Amazon, they “have put mitigations in place for detecting this type of skill behavior and reject or suppress those skills when we do,” according to a spokesperson for Amazon.

Amazon isn’t the only tech company experiencing cybersecurity malfunctions. Many connected devices are vulnerable to hacker attacks. Last April, researchers at F-Secure revealed a security flaw which would allow hackers to gain access to any hotel room secured with an electronic keycard. Despite the fact that no hacker had ever discovered this flaw, Assa Abloy, the largest lock manufacturer in the world, performed software updates to fix the issue.

As technology improves exponentially for products made for the IoT, the fight for cybersecurity must stay one step ahead of the hackers, preventing them from attacking these connected devices.

 

 

Aliza Vigderman

Aliza Vigderman

Aliza is a journalist living in Brooklyn, New York. Throughout her career, her work has spanned many intersections within the tech industry. At SquareFoot, a New York-based real estate technology company, she wrote about the ways in which technology has changed the real estate industry, as well as the challenges that business owners face when they want to invest in property. At Degreed.com, an education technology website, Aliza created digital content for lifelong learners, exploring the ways in which technology has democratized education. Additionally, she has written articles for The Huffington Post as well as her own content on Medium, the online publishing platform. Aliza’s love of journalism and research stems from the excellent Journalism program at Brandeis University. At Brandeis, Aliza interned as a research assistant at the Schuster Institute for Investigative Journalism, a non-profit “news room without walls”. There, Aliza was paired with an investigative journalist and used academic databases to obtain data on everything from the suicide rates in Bhutan to local Boston court cases. Her last position was as an account executive at Yelp, educating business owners on the power of technology to increase revenue. Throughout, however, her heart remained with tech journalism, and she’s thrilled to be writing for Security Baron. When she’s not keeping afloat of the latest tech trends, Aliza likes to cook, read, and write. A former high school “Class Clown,” Aliza has completed two feature-length screenplays, a pilot, and countless comedic sketches. On her days off you can find her relaxing in Prospect Park, trying the latest flavors at Ample Hills Ice Cream, and spending time with friends and family.

Related News

Leave a Comment

Trending News

Follow Us

Reviews