Japanese government will hack citizens’ IoT devices

In preparation for the Tokyo 2020 Summer Olympics, the Japanese government has approved a law amendment that will allow government workers to hack into unsecured Internet of Things (IoT) devices as part of a national survey.

The survey will be conducted by employees of the National Institute of Information and Communications Technology (NICT) under the supervision of the country’s Ministry of Internal Affairs and Communications.

By using default passwords and password dictionaries, NICT employees will attempt to log into the IoT devices of Japanese consumers in an effort to gauge their security or lack thereof.

A list of insecure IoT devices that use default and simple passwords will be prepared and passed on to the authorities and ISPs so that they can alert consumers regarding how to properly secure these devices.

The survey will begin next month when NICT plans to test the password security of more than 200m IoT devices starting with routers and web cams. Both consumer devices in citizens homes will be tested along with those on enterprise networks.

Olympic security

The Japanese government decided to carry out its unconventional survey as part of its plan to prepare for the Tokyo 2020 Summer Olympics. 

The government fears that hackers could exploit insecure IoT devices to launch attacks against the Games’ IT infrastructure just as Russian nation-state hackers deployed the Olympic Destroyer malware ahead of last year’s Pyeongchang winter Olympics.

However, the Japanese government’s plan has been met with criticism as many have argued that it could deal with problem by simply sending out a security alert to all users. Even if its hacking attempts are successful, there is no guarantee that consumers would take the time to update the passwords on their IoT devices after the fact.

Securing the IoT has long been a thorn in the side of the cybersecurity community and even if Japan’s survey fails drastically, it will still help raise awareness of the issue and could lead consumers and businesses alike to beef up their own IoT security.

Via ZDNet

Go to Source

Leave a Reply

Your email address will not be published.