Leaky IoT devices help hackers attack e-commerce sites

Millions of IoT devices are misconfigured so that they can forward messages — which, combined with default admin settings, allows them to be used to attack e-commerce and other websites, a new report says.

The problem is well known and has been around for a more than a decade, said Ryan Barnett, principal security researcher at Cambridge, Mass.-based Akamai Technologies Inc., which produced the report.

The problem first came to Akamai’s attention when the content delivery network noticed attacks against its customers where the attackers were checking to see whether particular user name and password combinations were valid on the site.

To read this article in full or to leave a comment, please click here