
IFB240 Assessment Task 2 – Risk Report

Example using the Template for Risk Treatment and Countermeasures

This example identifies and describes a control measure to mitigate a risk discussed in Part A.

Overview of security issue from Part A: Mobile application

In Part A, a vulnerability in the Ring Doorbell setup process was described. The Ring Doorbell needs to be connected to the local (home) WiFi network to function. During the initial setup of the doorbell, it needs to be given the credentials to the home WiFi. To enable the user to input those credentials, an initial WiFi connection from a user device to the doorbell is made, but this connection is not encrypted. As a result, anyone within a reasonable physical distance of the device and with hardware capable of capturing WiFi signals is able to observe these credentials, compromising the confidentiality of the password. This could then be exploited in subsequent attacks on the home network.

Treating the risk

Suggested control measure and explanation:

A control measure for this scenario is to ensure that the initial communication of the WiFi password does not occur over an insecure channel. Communication of confidential information in an insecure network environment such as the internet should occur over an encrypted channel. This approach to dealing with the initial setup of the Ring Doorbell has been applied by Amazon and made available in software updates to the Ring devices. The use of encryption to resolve the issue is noted in the Bitdefender article ‘Bitdefender Finds Ring Doorbell Vulnerability that Exposes User’s Wi-Fi Password’ by Silviu Stahie (2019).

Type of control measure:

The use of an encrypted communications channel to provide the password is a preventive control measure – it prevents the password from being transmitted as plaintext. A malicious attacker scanning the network will see encrypted traffic but will not be able to observe the password. In its IoT Secure-by-Design Guidance for Manufacturers, the Australian Cyber Security Centre (ACSC) recommends that password exchange occurring during device setup makes use of cryptographically secured mechanisms (2023). This control measure involves the use of technology to implement cryptographic algorithms.

Degree of protection provided:

The use of encryption prevents exposure of the plaintext password. Provided the encryption algorithm used is secure and the keys are managed appropriately, the password is protected. This treatment option removes the vulnerability entirely, and with it the risk. It does not prevent attackers from guessing the user password, so password choice is still important for security.
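The two setup channels contrasted in the control-measure and degree-of-protection sections above, as an added worked example in Go. This is illustrative code written for this page, not Ring's or Amazon's implementation: the HTTP-style message layout, the `ssid`/`pass` field names, the `ring-setup` associated-data label and the sample credentials are all assumptions. The observer check is a reviewer's verification (does the known passphrase appear in the bytes that went over the air?), run once over the plaintext setup request from Part A and once over the same credentials sealed with an ephemeral X25519 key agreement and AES-256-GCM; it also shows the doorbell rejecting a message whose authentication tag was altered.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"io"
)

// Constructed sample credentials (not real values) that the app sends during setup.
const sampleSSID, samplePassphrase = "HomeNet-2G", "correct-horse-battery-staple"

// PlaintextSetupRequest models the untreated step from Part A: a readable form body on the open link.
func PlaintextSetupRequest(ssid, passphrase string) []byte {
	return []byte("POST /setup HTTP/1.1\r\n\r\nssid=" + ssid + "&pass=" + passphrase)
}

// PassphraseVisible is the reviewer's check on a captured setup message: is the known passphrase in the bytes?
func PassphraseVisible(captured []byte, passphrase string) bool {
	return bytes.Contains(captured, []byte(passphrase))
}

// sessionAEAD derives AES-256-GCM from an X25519 shared secret (hashing the raw secret is a simplification of HKDF).
func sessionAEAD(priv *ecdh.PrivateKey, peer *ecdh.PublicKey) (cipher.AEAD, error) {
	shared, err := priv.ECDH(peer)
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(shared)
	block, err := aes.NewCipher(key[:])
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealSetupRequest is the treated step: the app encrypts and authenticates the credentials. Layout: nonce || ciphertext+tag.
func SealSetupRequest(appPriv *ecdh.PrivateKey, devicePub *ecdh.PublicKey, ssid, passphrase string) ([]byte, error) {
	aead, err := sessionAEAD(appPriv, devicePub)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	body := []byte("ssid=" + ssid + "&pass=" + passphrase)
	return append(nonce, aead.Seal(nil, nonce, body, []byte("ring-setup"))...), nil
}

// OpenSetupRequest runs on the doorbell: derive the same key from its own private key and the
// app's public key, then authenticate before decrypting. Open fails if the key differs or any bit changed.
func OpenSetupRequest(devicePriv *ecdh.PrivateKey, appPub *ecdh.PublicKey, msg []byte) ([]byte, error) {
	aead, err := sessionAEAD(devicePriv, appPub)
	if err != nil {
		return nil, err
	}
	if len(msg) < aead.NonceSize() {
		return nil, errors.New("setup message too short")
	}
	return aead.Open(nil, msg[:aead.NonceSize()], msg[aead.NonceSize():], []byte("ring-setup"))
}

// DemoResult records what an observer sees under each variant, what the doorbell recovers, and whether tampering is rejected.
type DemoResult struct {
	PlaintextExposed, CiphertextExposed, TamperRejected bool
	RecoveredBody                                       string
}

// RunDemo walks both variants with fresh ephemeral key pairs for app and doorbell.
func RunDemo() (DemoResult, error) {
	var r DemoResult
	r.PlaintextExposed = PassphraseVisible(PlaintextSetupRequest(sampleSSID, samplePassphrase), samplePassphrase)
	appPriv, errA := ecdh.X25519().GenerateKey(rand.Reader)
	devPriv, errD := ecdh.X25519().GenerateKey(rand.Reader)
	if err := errors.Join(errA, errD); err != nil {
		return r, err
	}
	sealed, err := SealSetupRequest(appPriv, devPriv.PublicKey(), sampleSSID, samplePassphrase)
	if err != nil {
		return r, err
	}
	r.CiphertextExposed = PassphraseVisible(sealed, samplePassphrase)
	body, err := OpenSetupRequest(devPriv, appPriv.PublicKey(), sealed)
	if err != nil {
		return r, err
	}
	r.RecoveredBody = string(body)
	tampered := append([]byte(nil), sealed...)
	tampered[len(tampered)-1] ^= 0x01 // flip one bit of the authentication tag
	_, err = OpenSetupRequest(devPriv, appPriv.PublicKey(), tampered)
	r.TamperRejected = err != nil
	return r, nil
}
```

The key agreement here is unauthenticated: it defeats the passive observer described in Part A, which is the risk being treated, but not an active party who substitutes its own public key during setup. That is exactly the "keys are managed appropriately" proviso above; a real deployment binds the doorbell's key to an identity the app can verify, as TLS does with certificates.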

Limitations of this control measure:

The decision to implement an initial setup process that uses encryption to protect the WiFi password must be made by the Ring Doorbell vendor (Amazon). It is not something that is under the control of the user or the client organisation using the Ring Doorbell. When a software update is available, the cost to implement this risk treatment is just the time and effort of performing the update.

----oooo----OOOO----oooo----

Reference details (This would appear in the Reference list of the Part B report):

Stahie, S. (2019, Nov 9). Bitdefender Finds Ring Doorbell Vulnerability that Exposes User’s Wi-Fi Password. Retrieved from Bitdefender. Date accessed: 21 April 2024.

ACSC (2023). IoT Secure-by-Design Guidance for Manufacturers. Retrieved from Cyber.gov.au. Date accessed: 21 April 2024.
