The Law Offices of Mary N. Chaney, P.L.L.C.
The Cyber Security Law Firm of Texas

Mary's Blog

The Breach Whisperer

About Mary....

Mary N. Chaney, Esq., CISSP® is a former Special Agent for the FBI where she investigated cybercrime, a seasoned corporate executive that built and operated information security teams and now a cybersecurity attorney.

As a self-described “Breach Whisperer” our firm can train your company to properly prepare for your eventual breach!

The overall goal of our firm is to use our wealth of knowledge and expertise to help support, translate and advise, Boards of Directors, CIO's, CISO's and General Counsel's on how to legally protect their company from cyber related risk.

Blog Entries


 

Japanese Government Plans To Hack Citizens IoT Devices

See Article Here

In an effort to secure IoT devices before the 2020 Toyoko Summer Olympics, the Japanese government pass a law to enable it to hack into people’s IoT devices. The scans will be perfomed by employees of the National Institute of Information and Communications Technology (NICT) under the supervision of the Ministry of Internal Affairs and Communications. NICT employees will be allowed to scan and attempt to use default passwords and password dictionaries to try to log into Japanese consumers' IoT devices, i.e. hack the devices.

They are planning to compile a list of insecure devices that use default and easy-to-guess passwords and pass it along to Japanese authorities and the relevant internet service providers, so they can alert consumers and secure the devices. Wow. Ok. So what would prevent the government from changing the log on credentials themselves, create a back door, change it back and now they have access to all insecure IoT devices? Or what about a state attackers getting access to the NICT gathered information on all citizens’ devices. Or using the same technology to scan all IoT devices within and outside Japanese borders? Trust? Who has that much trust in any government?

On the one hand, the cyber security person in me says some good could come out of this, secure devices are important. However, the privacy person in me is screaming! We will see what happens.