Tuesday, February 26, 2019

Japanese Government to probe insecure IoT devices - Part 2



Japanese Government to probe insecure IoT devices - Part 2

The Japanese government released the technical details regarding the IoT probing devices. Here is an extract of the most important information.

Starting date: February 20, 2019.

Important Contents:

Scope of the probe:
  1. Devices that can be accessed from the Internet using IPv4 addresses assigned to the Japanese territory
  2. Easy to guess ID and password
  3. Devices without a password
  4. There are about 200 million devices that match the above mentioned scope
  5. Devices: routers, web cameras, sensors, etc.
The National Institute of Communications and Technology (NICT) is going to use an approximately a set of 100 IDs and Passwords for this investigation. Here are the samples published in the referred site [1].

Commonly used for Cyber attacks

ID Password
admin admin
admin1 admin1
root root
supervisor supervisor


Identical characters, consecutive numbers, etc.

ID Password
admin 111111
root 123456
root 666666
root 54321
888888 888888

IP addresses to be used in the investigation

150.249.227.160-175

153.231.215.8-15

153.231.216.176-183

153.231.216.184-191

153.231.216.216-223

153.231.226.160-167

153.231.226.168 to 175

153.231.227.192 ~ 199

153.231.227.208-215

153.231.227.216-223

153.231.227.224-231

(96 total)

Communication:

In the case a device is identified, a communication will be sent to the ISP/owner of the IP.


References:

1. In Japanese https://notice.go.jp/
2. In Japanese https://www.nict.go.jp/info/topics/2019/02/13-2.html



at
Labels: , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

The importance of Information Security in our lives – Part 6

  6. In our relaxing time In these moments even our relaxing time is related to the use of a PC or to an streaming service, we should be mor...