A cybersecurity company has demonstrated that 15,000 internet-connected devices could be hacked to mine $1,000 of cryptocurrency in 4 days.
Web security company High-Tech Bridge‘s CEO Ilia Kolochenko comments:
“Many manufactures of IoT devices ignore even the fundamentals of security and privacy. Millions of IoT devices which are designed to process or store confidential, or personal, information do not even have a basic password protection option, or have a hardcoded admin password without the possibility of changing it.
Web interfaces of IoT devices are riddled with critical vulnerabilities that can be exploited to take over the device. Many of them use open source software component that have not been updated in years and can be exploited in a fully automated mode in a few seconds.
However, the CPU capacities of IoT devices are not comparable to modern user machines, for example. Therefore, IoT will probably not attract too many attackers in the near future. On the other side, if you breach an IoT device, you can use it as long as it is operating, as virtually no one monitors security of installed IoT devices.”