Network security specialists reported a few months ago about the plans by the Japanese government to hack into the inhabitants’ Internet of Things (IoT) devices to test their security measures.
The Japanese government planned to integrate a
list of devices that use easy-to-break passwords to, in conjunction with
manufacturers and Internet service providers, implement the necessary measures
to improve the security of these Devices. While the objective of this plan is
understandable, even plausible, the methods thought of by the Japanese
government seem too intrusive.
Since March 2019, employees of the National
Institute of Communications Technology have been allowed to try to access home
IoT devices in Japan.
The test has already been performed on more than 200 devices, including
routers, webcams and other Internet-connected devices. According to network
security experts, when the test is completed, the government sends reports to
manufacturers about the vulnerabilities found, as well as a number of
recommendations to improve device security.
Figures published by multiple security firms
claim that Japan is one of the countries with the highest number of
cyberattacks against IoT devices in the world. Concern about information
security within the Japanese government increased since the announcement of the
Tokyo Olympics in 2020.
Network security experts believe that the
Japanese government’s plan involves great risks, but in the long run very poor
results will be obtained compared to the effort invested. In addition, most of
these devices contain vulnerabilities that could be exploited without the use
of passwords, so the Japanese authorities’ approach could be better defined,
not to mention that, in the end, these tests, though carried out for a
legitimate purpose, remain a cyberattack in practice.
Among other potential drawbacks, the Japanese
government announced that it will create a database with all the security
vulnerabilities found at the end of the program. In this way, malicious hackers
could access this list and carry out a massive campaign to exploit these flaws.
