A new report shows that the risks from IoT (Internet of Things) devices are increasing, with the bad guys and girls using bots, worms and other malware (including scripts) to trawl the Internet looking for IoT devices that are insecure; un-patched and therefore vulnerable, use weak, known and often hard-coded passwords that can’t be changed, weak crypto implementations, etc. and are therefore, easy to compromise and re-purpose for their nefarious purposes.
This doesn’t surprise me, and in fact I expect it to accelerate until suitable standards backed up by legislation comes in to force….
IoT vendors need to take responsibility for the (mainly) poor security (or complete lack of security) in their products….
There are a few vendors out there that have baked good security in at the design phase and continue to secure/patch/harden their products and back-end infrastructure; the rest need to catch up, fast!
More details can be found here: https://www.infosecurity-magazine.com/news/iot-malware-detections-soar-273/