Japanese Consumer IoT Under Attack by Hackers & Government

By Special Guest
Igor Rabinovich, CEO of Akita
September 10, 2019

Residents of Japan, are you ready for Tokyo 2020? No, you’re not.

The Olympic Games will take place there next year, and hackers are already airing out their counterfeit Tokyo 2020 hoodies and stretching their typing fingers, preparing to break a record or, preferably, your IoT devices’ and router’s security. That is, if the Japanese government doesn’t beat them to it.

Japan already got cyberburned in 2015, when the records of 1.25 million people, almost 1% of Japan’s population, were exposed in a hack of the national pension service.

Hosting the Games makes the super-techy state an even bigger target for hackers, owing to the heightened media attention and the rapid infrastructure and services development leading up to them.

Many recent Olympic hosts saw an increase in cyberattacks - an estimated 250 million attacks were launched against the 2012 London Games, including a 40-minute DDoS attack on the venue’s power systems during the opening ceremony; an official government website was toppled at the 2016 Rio Games; and ticketing systems were crippled for hours at the 2018 Pyeongchang Winter Games, to name a few. In September of last year, hackers already tried phishing people in the United States and Japan with fake Tokyo Games ticket offers via email.

As part of the pre-Olympics cybersecurity tightening efforts, Japan’s National Institute of Information and Communications Technology (NICT) decided to embark on a mission to white-hat hack more than 200 million IoT devices, webcams, and routers, privately as well as corporately owned.

In January, a law passed allowing NICT employees in their official capacity to hack people’s IoT devices. They will be trying to get into the devices using known default passwords for devices, as well as dictionary attacks, which is trying out words and word combinations commonly used as credentials, such as “admin,” “123456” (seriously), “password” (seriously!) and “qwerty” (now you’re just being an asdf).

Data collected by NICT will be used to compile a list of unsecured devices - ones that have default or too-simple credentials. The list will be disseminated to the relevant authorities who will use it to alert consumers, and possibly manufacturers, of the weaknesses.

But why focus on routers and IoT? Because hackers do. According to a Japanese Ministry of Internal Affairs and Communications report and an NICT survey, two thirds of all cyberattacks in 2016 and 54% in 2017 targeted IoT devices.

That’s because being able to control your smart home and IoT devices requires connecting your Internet of Things to your home network; remotely controlling them requires giving yourself remote access to that network. That means your home router is a net swinging door - allowing your network to connect to the web and, dangerously, the web to your network.

Routers and IoT devices tend to be unsecured. Recent analysis of thousands of our clients discovered an average of two security problems per ISP router. They come with default credentials few bother to change- “Why would anyone try to connect to my lightbulb?”; firmware users only rarely and sporadically install updates, as it’s not automated or prompted as is the case in computers and smartphones. Once inside, hackers can abuse your devices for sinister schemes, such as initiating DDoS attacks against critical national infrastructure.

Japanese consumers aren’t the only ones vulnerable. All consumers need to consider the holes in their home networks and determine the best ways to secure them.

About the author: Igor Rabinovich is CEO and founder of Akita. Akita provides “Smart Home Security as a Service” for consumers, using military-grade security protection to prevent botnets, DNS spoofing , cryptojacking, and other IoT-based attacks against home IoT devices and their connected networks. 

Edited by Ken Briodagh
Related Articles

Otis Completes Elevator Modernization for Empire State Building

By: Ken Briodagh    10/14/2019

Otis recently delivered and installed a custom-made glass elevator to carry visitors to the Empire State Building's newly renovated 102nd floor Observ…

Read More

IIC Announces 26 Contestants for IoT Smart Buildings Challenge

By: Ken Briodagh    10/9/2019

Spanning the globe, the selected organizations represent innovators in Industrial IoT and Blockchain technology

Read More

AI Refrigerator Camera Aims To Keep Food Fresher And Grocery Bills Lower

By: Juhi Fadia    10/9/2019

brezzl's designers are planning to employ AI as a "food manager" which addresses a multi-billion-dollar global challenge, as the average family throws…

Read More

HSB Launches New IoT Solution for Schools

By: Ken Briodagh    10/4/2019

HSB Connected Technologies Monitors Buildings and Equipment 24/7 to Prevent Water Damage and Spoilage

Read More

IoT Connectivity Enables Vegas Bleutech Park "Smart City"

By: Ken Briodagh    10/3/2019

A planned Las Vegas "mini-city" will showcase environmentally friendly construction and multiple interactive technologies, including Internet of Thing…

Read More