View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 1, 2016updated 28 Jul 2022 6:36am

Tim Berners-Lee calls for accountable cyber security strategy, warns of IoT botnet danger

World Wide Web creator Tim Berners-Lee discussed the risk of connected devices being captured by hackers, as seen in the recent Dyn attack.

By

Creator of the World Wide Web Sir Tim Berners-Lee praised the Government’s new cyber security strategy as he called for consumers to be more vigilant about the dangers of internet-connected devices.

Speaking on BBC Radio 4’s Today Programme, Berners-Lee said that a “balanced” approach was needed, saying that the Government was “absolutely right” to be concerned about the threats from the numerous types of cyber attackers.

“The internet can be attacked and has been attacked in all kinds of different ways, so yes the UK needs to have a strong but responsible and accountable police force and GCHQ needs to have the tools to defend us and defend the open internet,” said Berners-Lee.

At the time of writing, the Government was set to launch the UK’s new cyber security strategy, which is expected to include new defences against cyber criminals.

Questioned over Chancellor of the Exchequer Philip Hammond’s stated aim to “strike back” in cyber space, Berners-Lee said that a first strike approach was not needed but that an offensive approach was needed in certain circumstances.

“When you look at what happens when you’re being attacked by a whole lot of domestic appliances, the way you defend yourself against it is by striking back; you take those machines over if somebody is attacking you.”

This was in reference to recent Internet of Things-powered DDoS attacks that have been mounted against security blog KrebsOnSecurity and more recently, hosting provider Dyn.

These have been conducted using the Mirai malware, which is encoded with a list of a few default passwords, including obvious words and phrases such as ‘password’ or ‘password123’. It trawls the net, looking for passive internet-connected devices such as routers and cameras and inputs these passwords into the devices to try and take them over.

Content from our partners
The growing cybersecurity threats facing retailers
How to integrate security into IT operations
How Kodak evolved to tackle seismic changes in the print industry and embrace digital revolution

Berners-Lee told listeners to be careful:

“As a consumer, if you buy a webcam and plug it in, you’d better put a password on it, not because somebody is going to be trying to find out what you are doing in your home, but because an automated machine is going to be taking over all the webcams.”

Topics in this article: , ,
Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy
SUBSCRIBED
THANK YOU