Cyberattacks against IoT devices have grown markedly over the past two years, prompting a warning from Interpol that nearly any IoT device – from refrigerators to smart phones - is vulnerable to attack.
As attacks proliferate, law enforcement struggles to keep up, according to a report in the Express.
"Attacks on IoT devices such as internet connected fridges, TVs, smart home devices etc. are down to flaws in the software running on them, and attacks will continue to happen until those flaws are dealt with. Good practices by vendors around configuration and authentication need to be initiated or matured to prevent this in future,” said Adam Brown, manager - security solutions, at Synopsis. "The famous Mirai botnet attack of late 2016, which saw the likes of Twitter, Netflix and others knocked out of service, was made possible because of the use of default credentials in IoT devices – a flaw in the design.”
Brown said he "would love to see certification for IoT devices become commonplace so that consumers can know that the devices are cyber safe, much in the same way that if you buy a toy with a CE mark you know it has been through a process of assessment and it won't, for example, poison anyone because it has lead in its paint.”
A device that is certified “will be less likely to lend itself to a hacker to steal from you, use you as a place to attack others from, or use your electricity to mine cryptocurrencies for themselves."
Interpol recently drew 43 investigators and digital forensics pros from 23 countries together for its Digital Security Challenge – one in which a cyberattack is launched from a hacked IoT device, a webcam.