https://edition.cnn.com/2019/02/01/asia/...index.html
Beginning on February 20, Japanese officials will start probing 200 million IP addresses linked to the country, sniffing out devices with poor or little security.
A law was passed last year to enable the mass hack, as part of security preparations ahead of the Tokyo 2020 Olympics.
According to the Ministry of Internal Affairs and Communications (MIAC), two-thirds of cyber attacks in Japan in 2016 targeted IOT devices. Officials fear some kind of IOT-related attack could be used to target or disrupt the Olympics.
As well as testing which servers have no security, the Japanese team will also test 100 common username and password combinations, such as "admin/admin" or "1234," the MIAC said in a statement.
Michael Gazeley, director of Hong Kong-based security firm Network Box, warned that while the intentions of the test were good, it could potentially backfire on users, by creating an easy attack vector for hackers.
"The public at large is going to have to be extra vigilant," he said. "How easy would it be to send someone (everyone) a phishing email, claiming to be from the government, saying, 'Your IOT devices failed our testing, please click on this link to get updated,' resulting in a huge number of successful hacks?"
----
I'm guessing this was approved by the Minister of Never-Used-A-Computer-Before? :-P
Beginning on February 20, Japanese officials will start probing 200 million IP addresses linked to the country, sniffing out devices with poor or little security.
A law was passed last year to enable the mass hack, as part of security preparations ahead of the Tokyo 2020 Olympics.
According to the Ministry of Internal Affairs and Communications (MIAC), two-thirds of cyber attacks in Japan in 2016 targeted IOT devices. Officials fear some kind of IOT-related attack could be used to target or disrupt the Olympics.
As well as testing which servers have no security, the Japanese team will also test 100 common username and password combinations, such as "admin/admin" or "1234," the MIAC said in a statement.
Michael Gazeley, director of Hong Kong-based security firm Network Box, warned that while the intentions of the test were good, it could potentially backfire on users, by creating an easy attack vector for hackers.
"The public at large is going to have to be extra vigilant," he said. "How easy would it be to send someone (everyone) a phishing email, claiming to be from the government, saying, 'Your IOT devices failed our testing, please click on this link to get updated,' resulting in a huge number of successful hacks?"
----
I'm guessing this was approved by the Minister of Never-Used-A-Computer-Before? :-P