Could botnets force governments to regulate IoT device manufacturers?
According to researchers at WatchGuard Technologies, as IoT botnet attacks continue to grow in size and effectiveness in 2018, the damage they cause will force the IoT manufacturing industry to add stronger security to their products or eventually result in governments addressing IoT security with regulation.
“The Mirai botnet showed the world just how powerful an army of IoT devices can be to launch successful, record-breaking DDoS attacks against popular websites like Twitter, Reddit and Netflix,” said Corey Nachreiner, CTO at WatchGuard Technologies.
While the number of IoT devices with weak or non-existent security, both in development and deployment, continues to grow, attackers have already started improving on the Mirai source code, which will mean larger and stronger botnets in 2018. For example, the Reaper botnet actively exploits common vulnerabilities in IoT devices to gain access to the devices instead of relying on a hard-coded credential list.
“Potential IoT device regulations will most likely affect manufacturers of consumer-grade IoT devices first, since the end users of these products don’t have the knowledge to secure their own devices,” said Nachreiner. “These regulations will probably mirror similar liability-oriented regulations in other industries, where the manufacturer is held at least partially accountable for flaws in their products.”