List Of Pwnable IoT Devices Floating In The Wild

A list of IoT devices and associated telnet credentials has gone viral in the last few days. The list has the IP addresses of over 33,000 IoT devices and associated logins via Telnet which are things like the username and password being root or admin. This would make it trivially easy to create a botnet of IoT devices like the Mirai botnet that hit several sites recently. The list has existed since June, but has become viral when it was Tweeted out in the last few days. Now according to this article on Threat Post, there is an all out effort to stop the exploitation of this list by tracking down the owners of these IoT devices so that they can take remedial action which could include updating firmware, changing passwords, or taking the devices offline among other possibles.

Now, this sort of thing is precisely the reason why I have said for a long time that people who make IoT devices have to seriously step up their game when it comes to securing them. And if they are unable or unwilling to do so, governments should be prepared to force them to. By not making these devices as secure as possible,  an event that would be catastrophic in nature is possible. And by then, it would be way too late.

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: