If IoT device manufactures adhere to the best practices recommended by BITAG it could help mitigate DDoS attacks from script kiddies.
In 2010, Time Warner Cable, Verizon, Comcast, Google, Microsoft and Intel along with a handful of other tech companies had collaborated forces with former FCC’s Chief Technologist, Dale Hatfield to form the Broadband Internet Technical Advisory Group (BITAG) so as to attempt to form a set of best practices for broadband management and security.
Today, BITAG has laid out its recommendations for what is stated to be the next big thing in online communication: the Internet of Things.
In an increasingly digital world, similar to the wild-west, connected devices in smart homes are sitting ducks for script kiddies and hackers who play the keyboard as quickly as Billy the Kid ever drew a six-gun; with little to no regulation, BITAG’s best privacy and security practices will act as the sheriff.
This is not just speculation and fluff, using sophisticated techniques, hackers used 145,000 IoT devices, including security cameras and DVRs, to launch DDoS attacks across the United States, as recently as this October.
In its recommendations for IoT, BITAG has stated that these connected devices should include automated secure timely software updates, should be password protected, and should have increased testing of customizable options.
BITAG has also suggested the implementation of encryption best practices, including the ability to function without the availability of the cloud. It also wants to establish a cyber security program which will include a seal that certifies devices as “secure”.
Although, BITAG doesn’t have any power to enforce its recommendations, it can however influence regulatory discussions in the future.