Who Left the Door Open? Investigating the Causes of Exposed IoT Devices in an Academic Network
Takayuki Sasaki, Takaya Noma, Yudai Morii, Toshiya Shimura, Michel van Eeten, Katsunari Yoshioka
IEEE Symposium on Security and Privacy 2024 · Day 2 · Continental Ballroom 4
This talk, "Who Left the Door Open? Investigating the Causes of Exposed IoT Devices in an Academic Network," delves into a critical and pervasive security challenge: the widespread exposure of Internet of Things (IoT) devices on institutional networks. Presented at the prestigious IEEE S&P conference, the research meticulously dissects the root causes behind vulnerable IoT devices, particularly focusing on the presence of risky services like **Telnet** and **FTP**. The team, comprising Takayuki Sasaki, Takaya Noma, Yudai Morii, Toshiya Shimura, Michel van Eeten, and Katsunari Yoshioka, conducted a comprehensive investigation within their university's Class B campus network, revealing a concerning landscape of insecure devices.
AI review
This research systematically dissects the root causes of exposed IoT devices, using a multi-pronged approach across an academic network. It conclusively demonstrates that manufacturers, through insecure defaults and inadequate documentation, are primarily responsible for the widespread presence of risky services like Telnet and FTP. The findings offer crucial, actionable insights for shifting accountability and improving fundamental IoT security.