…and default passwords. Default passwords are foolish in any device, but here’s a particularly failing example. A laundromat in Colorado had a security camera connected to the Internet (as is typical of security cameras), and it began hosting a particularly malicious bit of malware.
Bill Knapp, owner of Security Solutions LLC, whose firm installed the laundromat’s surveillance system, which included the security camera:
One of the hardest parts of this business is that everyone loses their passwords[.]
And when the camera manufacturer was called upon to reset the password, it could only reset it to the default password, which is well-known, as that’s how the consumer gets in to set up his system—which should include resetting the default password to an individual, hard-to-break one.
Steve McGregory, a researcher at security firm Ixia, about poorly secured devices:
Within nine seconds of turning on these things, they get hit[.]
There’s a hint there.