Warner seeks information on cybersecurity vulnerabilities in IoT devices

U.S. Sen. Mark Warner (D-VA) on Tuesday requested information from three federal agencies on the tools the federal government has available, and the tools that might be necessary, to prevent cybercrime affecting consumer products such as Internet of Things (IoT) devices.

Warner, founder of the bipartisan Senate Cybersecurity Caucus, sent his request to the Federal Communications Commission (FCC), the Federal Trade Commission (FTC) and the U.S. Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC).

IoT devices like internet-connected refrigerators, smart thermostats and internet-connected cameras are subject to cybersecurity vulnerabilities. These then can allow cybercriminals to access user data and hijack the devices into large botnets that upload massive amounts of data to specific websites and servers.

Botnets, or “zombie computers,” infect vulnerable devices with malware and send remote commands to hordes of compromised computers to cripple parts of the internet.

U.S. cybersecurity experts said botnets might have carried out the denial-of-service (DDoS) attack that occurred last Friday, halting access to popular websites like Netflix, Twitter and Facebook.

“The weak security of many of the new connected consumer devices provides an attractive target for attackers, leveraging the bandwidth and processing power of millions of devices, many of them with few privacy or security measures, to swamp internet sites and servers with an overwhelming volume of traffic,” Warner said. “I am interested in a range of expert opinions and meaningful action on new and improved tools to better protect American consumers, manufacturers, retailers, Internet sites and service providers.”