Over 1 million Internet of Things (IoT) devices have been compromised in recent months and added to DDoS botnets created with the help of a malware family known as Gafgyt, but also as Lizkebab, BASHLITE, and Torlus. Lane Thames, Software Development Engineer and Security Researcher at Tripwire commented below.
Lane Thames, Software Development Engineer and Security Researcher at Tripwire:
“As security researchers, we love providing this type of useful information. We view changing default credentials, using encryption, locking down networks with firewalls, etc. as basic security hygiene. However, the bulk of the IoT market consists of non-technical consumers who, at this time, have very little (if any at all) knowledge of how to make these security conscious changes. This is a ‘technology’ component of security where it is up to the manufacturers to build more secure devices. For example, it is well past time to find a better ‘default credential’ solution. In other words, no one should be shipping devices with default credentials. Device manufactures should be considering new methods to replace the default credential model. The ‘human’ component of security must also be addressed in the long run. We will never have a society where everyone is a cybersecurity specialist. However, our current educational ecosystem is failing us on the cybersecurity front. As a society, we must start integrating the basics of cybersecurity knowledge within our education systems. Even if we could solve the technology component of cybersecurity, our efforts would be in vain without addressing the human component as well.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Chat systems such as Slack and Teams need to be…
“This is a sophisticated phishing scam that will catch out…
“Cybersecurity is increasingly complex, in part, due to the interconnected…
“Unfortunately, time and time again we see NGOs, hospitals and…
As I have always said - it is verified trust…