Japan's law now allows it to hack people’s IoT devices
Japan has approved a law amendment which allows government officials to hack into people’s Internet of Things (IoT) devices.
The amendment is part of a survey investigating the number of vulnerable IoT devices carried out by the National Institute of Information and Communications Technology (NICT) under the supervision of the Ministry of Internal Affairs and Communications (MIC).
Japan is carrying out the survey to prevent the devices from being harnessed for a cyber attack targeting infrastructure supporting the Tokyo Olympic Games in 2020. The number of viewers which sporting events attract make them a prime target.
Back in February last year, a cyber attack hit the Pyeongchang Winter Olympics during the opening ceremony.
The so-called ‘Olympic Destroyer’ malware was linked to Russian threat actors. It’s suspected the malware was deployed in response to the banning of Russian athletes prior to the Rio 2016 Summer Olympics.
NICT employees will have permission to attempt the hacking of IoT devices using default passwords and password dictionaries. Users leaving passwords set as their device manufacturer’s default is often how devices are compromised.
When a vulnerable device is found, a report will be sent to both authorities and ISPs while ensuring the owner is prompted to secure it.
Japan’s approach is an unprecedented but proactive way of dealing with the IoT security problem. A report published by the MIC highlighted two-thirds of cyber attacks in 2016 were targeted at IoT devices.
The infamous Mirai botnet used over 100,000 compromised IoT devices to flood DNS provider Dyn with a record-breaking amount of traffic – reportedly in the region of 1.2 Tbps – and disrupting popular services including Twitter, Spotify, and PlayStation Network.
Japan’s survey is scheduled to kick off next month. IoT News will keep you posted as the story progresses.
Interested in hearing industry leaders discuss subjects like this? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo, and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London, and Amsterdam.
- » The IoT is being hindered by full-time cybersecurity talent shortage
- » UK launches ‘centre of excellence’ for IoT cybersecurity
- » Hyundai, Tesla and Apple come up trumps in most trusted connected car brands, say drivers
- » Report: Global semiconductor revenue increased 12.5% year on year in 2018
- » Aruba’s latest offerings aim to help enterprise customers push adoption of IoT