By Sharon Machlis
Journalist details the discovery of hundreds of Internet-connected devices that lacked basic password protection.
ATLANTA -- A self-described security "amateur" discovered hundreds of Internet-connected devices ranging from cameras to industrial control systems that were connected to the Internet without even basic password protection -- meaning they could be easily turned on and off or otherwise manipulated with a single click of a mouse.
"You would be amazed [what] you could find," Espen Sandli, a journalist at the Norwegian newspaper Dagbladet, told the Computer Assisted Reporting conference Thursday. "The project was made from people who had no idea about data security at the start."
They began by searching for basic security cameras, such as finding and taking control of a surveillance camera inside a nightclub. After that, they graduated to finding compromised control systems at military installations and railroads. In one case, they found a security company's list of clients and passwords in the clear online. In another, they could have accessed who was allowed to enter or leave a military building. Another device on the open Internet could have allowed them to switch off a railway fire-alarm system.
full article
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.