Researchers have uncovered a rash of ongoing attacks designed to damage routers and other Internet-connected appliances so badly that they become effectively inoperable. Ilia Kolochenko, CEO of Web Security Company High-Tech Bridge commented below.
Ilia Kolochenko, CEO at High-Tech Bridge:
“Unfortunately, many manufacturers of IoT devices ignore even the very basic aspects of their devices’ security. Millions of devices cannot be updated if a security flaw is found, or do not allow the change of hardcoded passwords or insecure configurations, such as non-HTTPS access to admin panels. They are insecure and dangerous by design.
In the near future, we will certainly see some people using their technical skills to create IoT destroying worms just for fun, glory, or a joke. While we are talking about cheap and non-critical devices, it can be amusing, but what if a medical surgery equipment is damaged? Product liability claims may bring multi-million lawsuits against the negligent manufacturers, hospitals and doctors may also be held partially liable.
The IoT device market should be strictly regulated, precluding careless vendors from bringing their dangerous products to the market. Today it is mainly about joking, tomorrow – it will be about people’s lives. Governments should act quickly adapting the law and regulations.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.