Who’s responsible when your DVR launches a cyberattack?

October 25, 2016
The Atlantic
by Kaveh Waddell  
"There might be an alternative to government action: Perhaps an individual or a company could sue manufacturers of faulty devices directly for their negligence. Steve Rubin, a cybersecurity lawyer at Moritt Hock & Hamroff, says the legal framework for such a suit may already exist in tort and contract law. A manufacturer would be in breach of contract, for example, if it sold a product it claimed was safe but that wasn't. A civil suit against a manufacturer for leaving its products vulnerable to botnets would take a 'smart and creative lawyer,' said McAndrews. 'They would be in uncharted territory.' Without some sort of legal risk for device manufacturers that put out faulty and dangerous machines, the lawyers agreed, it could be very hard to raise the standard of internet-of-things security. (Of course, for attorneys who specialize in cybersecurity, more internet-security regulations usually means more work.)" (10/25/16)


    Most of this originates from default credential settings that are being compromised. The simplest remedy is to force the user to update the settings before the device is operational... but we are long past the days when IoT consisted more or less of your Wi-Fi router… and I’m not the best one to give recommendations on how to manage your IoT environment with your iOS watch device.

    But: to most (other than the affected firms w/ outages, like Twitter, GitHub, Disqus and those w/ a reliance on unavailable APIs) the outages were a minor nuisance.

    And: it highlights a fact that maybe everything shouldn’t be on the public network.

    To me, I see the innovation of IoT presaging an internet state security compliance complex that would have a deleterious effect on internet freedom. Innovation for the sake of innovation, for the sake of chasing venture funding, for the sake of keeping the stock prices up is not automatically a good thing.
    And IoT certainly isn’t coterminous with increasing availability/competition and reliability in cheap broadband.

