Japan's government will start hacking its citizens' IoT devices next month

midian182

midian182

Posts: 9,738   +121
Staff member
WTF?! We know that Internet of Things devices have a deserved reputation for being insecure, and Japan wants to do something about it. The country has just passed a new law amendment that will allow its government to hack into citizens’ IoT devices and compile a list of those that are at risk.

The official hacking campaign is part of a survey that will be conducted by employees of the National Institute of Information and Communications Technology (NICT) and overseen by the Ministry of Internal Affairs and Communications.

As is the case with many IoT hacks, the government agency will use default passwords to try and break into the devices. It will also use password dictionaries to see if users have picked easily guessed credentials.

Once the list of insecure devices has been compiled, it will be passed on to the authorities and internet service providers so customers can be alerted and change their passwords, reports ZDNet.

Testing of over 200 million IoT devices will begin next month, starting with routers and web cameras. Both the general public and enterprise users will have their devices probed.

The campaign arrives ahead of the 2020 Summer Games, which is being held in Tokyo. With concerns over hackers using IoT devices to launch an attack on the Games’ IT infrastructure, the government is taking extreme measures to try and secure this avenue of attack. The fear is probably justified; Russia’s Main Intelligence Directorate (GRU) reportedly launched malware during the opening ceremony of the 2018 Winter Olympics. It disrupted internet and broadcast systems and took down the ticketing site for 12 hours.

In January next year, California will introduce the country’s first Internet of Things security law, which requires manufacturers to implement “reasonable security features.” It specifies that devices come with their own unique passwords, but many say it doesn’t go far enough.

Unsurprisingly, Japan’s citizens are far from happy about the government hacking them, arguing that it should have just sent out notifications about making sure their IoT devices are secure.

Permalink to story.

https://www.techspot.com/news/78456-japan-government-start-hacking-citizens-iot-devices-next.html

 
"Unsurprisingly, Japan’s citizens are far from happy about the government hacking them, arguing that it should have just sent out notifications about making sure their IoT devices are secure."

The problem with that is people are generally DUMB!! Just telling the average person to "secure their devices" won't do much... but maybe someone actually hacking their device will accomplish something...

The sad thing is that I suspect that tons of people, even after having their devices hacked, won't do a thing about it...
 
  • Like
Reactions: Kibaruk and SalaSSin
I think they would have been more successful to have informed their citizens about the possibilities of problems, then offered free screening and reporting so issues could have been discovered without all the cloak and dagger approach.
 
Hey, at least Japan's Big Brother is being honest about the hacking up front as opposed to many other entities and governments around the world...
 
  • Like
Reactions: MonsterZero
Squid Surprise said:
"Unsurprisingly, Japan’s citizens are far from happy about the government hacking them, arguing that it should have just sent out notifications about making sure their IoT devices are secure."

The problem with that is people are generally DUMB!! Just telling the average person to "secure their devices" won't do much... but maybe someone actually hacking their device will accomplish something...

The sad thing is that I suspect that tons of people, even after having their devices hacked, won't do a thing about it...
Click to expand...

Maybe if the device can be hacked a second time after notification, the government can change the password of that device to a random 20 character one.
 
Squid Surprise said:
"Unsurprisingly, Japan’s citizens are far from happy about the government hacking them, arguing that it should have just sent out notifications about making sure their IoT devices are secure."

The problem with that is people are generally DUMB!! Just telling the average person to "secure their devices" won't do much... but maybe someone actually hacking their device will accomplish something...

The sad thing is that I suspect that tons of people, even after having their devices hacked, won't do a thing about it...
Click to expand...

Which is exactly why they'll likely keep that list of vulnerable devices; they'll know which IP addresses got hijacked in the event of a local IoT DDoS attack.
 
We'll hack your devices to make sure they are secure, then if there are any vulnerabilities we'll totally tell you about them.....honest!

Yea right, this sounds like something Trump would sign off on.
 
MonsterZero said:
We'll hack your devices to make sure they are secure, then if there are any vulnerabilities we'll totally tell you about them.....honest!

Yea right, this sounds like something Trump would sign off on.
Click to expand...

Trying a bunch of default and common passwords on internet-facing hardware is hardly hacking - and now that they've told people to expect it, I think there will be more than a few eyebrows raised if no one gets notified (or even if it is fewer than one would expect).
 
You must log in or register to reply here.

Similar threads

A
Arm Cortex-M52 chip brings AI acceleration to low-power IoT devices
Replies
1
Views
212
Mr Majestyk
M
A
New variant of "TheMoon" malware enslaves thousands of insecure Asus routers into a malicious proxy
Replies
2
Views
141
Snazz
S
midian182
Russia-backed hacking group suspected of attack on US water system
Replies
11
Views
122
PurpaFur
PurpaFur

Latest posts

Back