The Japanese government hopes to ensure the safety of IoT devices before the 2020 Tokyo Olympics, avoiding similar Olympi c Destroyer and VPNFilte r malware attack.
According to foreign media reports, the Japanese government passed a law amendment on January 25, government officials can invade the Japanese people's Internet of Things equipment, investigate unsafe IoT equipment, by the Japan Information and Communications Research Institute (NICT) ) in the Ministry of Internal Affairs and Communications (Ministry of Internal Affairs andCommunications) under the supervision of.
NICT can use the default password and password dictionary to try to log in to the Japanese people's IoT devices, and then sort out a list of unsafe devices with default passwords or weak passwords, and pass them to relevant departments and Internet service providers to remind people to protect. These devices.
The investigation is scheduled to take place next month, and the authorities plan to test the password security of more than 200 million IoT devices, starting with survey routers and webcams. Home and business equipment are said to be tested.
According to a report by the Ministry of Internal Affairs and Communications of Japan, attacks against IoT devices accounted for two-thirds of all cyber attacks in Japan in 2016.
The Japanese government said the move was for the 2020 Tokyo Summer Olympics. The government is concerned that hackers may use IoT devices to attack the Olympics' IT infrastructure. This kind of worry is not unreasonable. At the end of 2017, the International Olympic Committee banned hundreds of Russian athletes from participating in the 2018 PyeongChang Winter Olympics in South Korea. Russian hackers deployed the Olympic Destroyer malware before the opening ceremony of the Olympic Games.
This decision of the Japanese government has caused the anger of many Japanese people. Many people think this is an unnecessary step. In fact, some users may not change their password even if they receive a notification that their password is low security. So even if the government wants to avoid malicious attacks as much as possible, as long as Japan sends security alerts to all users.