Japanese government plans to hack into citizens' IoT devices

Source: Vsoft, 31/01/2019


The survey will be carried out by employees of the National
Institute of Information and Communications Technology (NICT)
under the supervision of the Ministry of Internal Affairs and
Communications.
NICT employees will be allowed to use default passwords and
password dictionaries to attempt to log into Japanese consumers'
IoT devices.
The plan is to compile a list of insecure devices that use default
and easy-to-guess passwords and pass it on to authorities and the
relevant internet service providers, so they can take measures to
alert consumers and secure the devices.
The survey is scheduled to kick off next month, when authorities
plan to test the password security of over 200 million IoT
devices, beginning with routers and web cameras. Devices in
people's homes and on enterprise networks will be tested alike.
According to a Ministry of Internal Affairs and Communications
report, attacks aimed at IoT devices accounted for two-thirds of
all cyber-attacks in 2016.
The Japanese government has embarked on this plan in preparation
for the Tokyo 2020 Summer Olympics. The government is afraid that
hackers might abuse IoT devices to launch attacks against the
Games' IT infrastructure.
Their fear is justified. Russian nation-state hackers deployed the
Olympic Destroyer malware before the opening ceremony of the
Pyeongchang Winter Olympics held in South Korea in early 2018 as
payback after the International Olympic Committee banned hundreds
of Russian athletes from competing.
Russian nation-state hackers also built a botnet of home routers
and IoT devices, named VPNFilter, that the Ukrainian
intelligence service said they were planning to use to hinder the
broadcast of the 2018 UEFA Champions League final that was to be
held in Kiev, Ukraine that year.
The Japanese government's decision to log into users' IoT devices
has sparked outrage in Japan. Many have argued that this is an
unnecessary step: the same results could be achieved by just
sending a security alert to all users, since there's no guarantee
that the users found to be using default or easy-to-guess
passwords would change their passwords after being notified in
private.
However, the government's plan has its technical merits. Many of
today's IoT and router botnets are being built by hackers who take
over devices with default or easy-to-guess passwords.
Hackers can also build botnets with the help of exploits and
vulnerabilities in router firmware, but the easiest way to
assemble a botnet is by collecting devices that users have failed
to secure with custom passwords.
Securing these devices is often a pain, as some expose Telnet or
SSH ports online without the users' knowledge, and very few users
know how to change the passwords for those services. Further, other
devices come with secret backdoor accounts that in some cases can't
be removed without a firmware update.

