RE: 12 Nations Targeted In Massive Cyber Attack
May 13, 2017 at 5:04 pm
(This post was last modified: May 13, 2017 at 5:07 pm by Autumnlicious.)
There's honestly little we can do about existing insecure deployments on grounds there are no "teeth" in law to ensure hardware and software companies who sell products to the general public take even cursory security measures.
The Mirai botnet relied on mass produced IoT devices with hardcoded root passwords to enslave.
Just let that sink in - enough hardware manufacturers released hardware and software with hard coded (as in cannot be changed to a more secure form) passwords for years. I could not think of better resources for cyber criminals.
And they will only suffer at most brand damage, which is only a name change away to recover from.
Without any form of penalties and enforcement, obviously and trivially vulnerable devices and services will continually put anyone at risk.
The Mirai botnet relied on mass produced IoT devices with hardcoded root passwords to enslave.
Just let that sink in - enough hardware manufacturers released hardware and software with hard coded (as in cannot be changed to a more secure form) passwords for years. I could not think of better resources for cyber criminals.
And they will only suffer at most brand damage, which is only a name change away to recover from.
Without any form of penalties and enforcement, obviously and trivially vulnerable devices and services will continually put anyone at risk.
Slave to the Patriarchy no more
