The government is afraid that hackers might abuse IoT devices to launch attacks against the Tokyo 2020 Summer Olympic Games’ IT infrastructure.
What is an IoT device? It’s a designation for gadgets that connect to the internet in some way. This includes products such as Ring smart doorbells, WiFi connected coffee makers, smart light bulbs, smart dimmers and light switches, smart thermostats (such as Nest), smart locks, Amazon Echo and Google Home interactive controllers, baby cams, home security camera systems, universal remotes, smart TV’s and smart robotic vacuum cleaners to name a few.
The survey will help the government figure out the number of insecure IoT devices in the country and is scheduled to kick off next month.
The Japanese government has approved a new amendment that would allow government officials to hack into citizens’ IoT devices. The program which is a part of a survey will help the government to figure out the number of insecure IoT devices in the country.
About the survey
The survey is scheduled to kick off next month and involves the security test of over 200 million IoT devices. Devices in homes and on enterprise networks will be tested alike under the penetration test program.
The survey will be carried out by employees of the National Institute of Information and Communications Technology (NICT) under the supervision of the Ministry of Internal Affairs and Communications.
A list of default passwords and password dictionaries will be leveraged to make login attempts into Japanese consumers’ IoT devices.
The main aim of the survey is to compile a list of insecure devices and secure them in advance of the Tokyo 2020 Summer Olympics. The government is afraid that hackers might abuse IoT devices to launch attacks against the Games’ IT infrastructure.
For instance, in early 2018, Russian nation-state hackers had deployed the Olympic Destroyer malware to ruin the Pyeongchang Winter Olympics held in South Korea. In another incident, the Russian hackers had used VPNFilter botnet to hinder the broadcast of the 2018 UEFA Champions League final.
The take away
Yes, these awesome gadgets are making it easier to manage our homes remotely, get information by yelling at a box in the corner rather than use our hands and of course, brew better coffee! But, these gadgets are typically made and shipped without security in mind and can often be remotely controlled by others out there on the internet. Home security camera systems are especially vulnerable – just have a look at this segment from the local news:
By the way, if you’re interested in the website, I probably shouldn’t give it to you, but here it is anyway: https://www.insecam.org
What’s the fix? Update update update. Usually the manufacturer is aware of a security hole in their device and have released patches, it may just need to be updated manually or provided a maintenance window for it to go out and update itself. Also, be aware of the items in your home that actually need to be connected to the internet. You may be able to reduce your liability by disabling some of those smart devices you don’t absolutely need.
Stay safe out there.