Are IoT devices a security risk after pairing?

Hi All,

Once an IoT device is paired to your WiFi, is there a risk of it being hacked? This is besides the fact that your WiFi can get hacked. I am only talking about the device itself. I ask because it seems like these devices are completely vulnerable before being paired and setup, but afterwards I was wondering what the risk it. It seems that once it is paired, it isn’t broadcasting a generic WiFi and wouldn’t be at risk, but I might be missing something.

Any insight would be great!

Thanks,
Panboy

I do not take the risk and have a separate ssid for “iot”. Cannot access Internet and local. I can only access it from my home assistant.

Interesting idea. So do you have a completely different router or do you use the “guest” SSID option?

Once your IoT device is connected to the internet, by whatever means, then it is obviously open to external attacks. You would usually put your device on a vlan or separate subnet for local control (if the device supports that).

But the wifi link between your AP and the IoT can still be vulnerable for a well equipped attacker.
An attacker could spoof your SSID with a a higher power RF transceiver, forcing your IoT device to connect to the attackers AP. Look up deauthentication and evil twin attacks. Once the device is connected, they gain full access to it. Of course this would be a targeted attack and the attackers would need at least some knowledge about your IoT infrastructure to pull it off. In the vast majority of cases, such an attack scenario would not be very realistic.

That said, all wireless protocols are technically vulnerable.

Probably he uses VLANs (as I do as well).

I have 1 router, which can advertise multiple ssids. e.g. my “home” and my “iot”. my home has internet access and my iot not. my home can access iot, but iot cannot access home.

I can use VLANs on this ssystem, but I do not use it. It is not needed. However my device does support bridging between the wireless and wired. thus home has a wired port bridged with home ssid and equal for iot.

yes, the chain is as weak as the weakest link, if my wifi is compromised…

My router (eero) only accepts one SSID. I’ll have to look into the VLAN option.

Update: I learned that my eero router doesn’t accept VLAN either… Hmmmm… time to think of other options…