Total Tests:

Hackers gain access to over 150 000 security cameras

By Kirsten Doyle for ITWeb
Friday, March 12, 2021

Ilia Kolochenko, founder and CEO at ImmuniWeb, commented: "This incident will likely trigger an avalanche of legal and judicial costs for the affected companies as the leak of such data is a reportable security incident under many state and federal laws. Moreover, individual notifications to the exposed victims filmed by the compromised cameras, or even notifications by a press release, may be required as a matter of law depending on the specific usage and location of the branched cameras.”

He says the US has already enacted a federal law to prevent unsecured IOT devices from being supplied to the Federal government via the “IOT Cybersecurity Improvement Act” in 2020. States such as California and Oregon also pioneered state regulation of IOT security by enacting state laws. The California law is quite comprehensive from a technical viewpoint, but is comparatively toothless: individuals cannot sue under the law and there are no fixed monetary penalties like under CCPA/CPRA, which serve as a formidable deterrence for those who misuse personal data of the state citizens.

"In Europe, ENISA recently published a standard for the security of IOT devices; however, it has no legally binding power. To avoid domino-effect hacks of this nature, we urgently need a harmonious IOT data security legislation both in the US and EU.

“The current 'patchwork' of disjoint laws is confusing, burdensome and inefficient,” Kolochenko ended. Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential