screenshot20170105at12
Security

FTC goes after D-Link for shoddy security in routers, cameras

The U.S. Federal Trade Commission is cracking down on D-Link for selling wireless routers and internet cameras that can easily be hacked, the regulator said Thursday.

Thousands of consumers are at risk, the FTC said in a complaint filed against the Taiwanese manufacturer charging D-Link with repeatedly failing to take reasonable measures to secure the products.

The action comes as hackers have been hijacking poorly secured internet-connected products to launch massive cyberattacks that can force websites offline. Recently, a notorious malware known as Mirai has been found infecting routers, cameras, and DVRs built with weak default passwords.

In D-Link's case, the company said its products were "easy to secure" and offered "advanced network security." But in the reality, the devices contained preventable security flaws open to easy exploitation, the FTC alleged.

Among those flaws, were guessable login credentials embedded in D-Link camera software, using the word "guest" for both the username and password. 

In addition, D-Link also failed to patch vulnerabilities in the product software, including a command injection flaw that would have given hackers remote control over a device.

"We can’t say whether we will take action against similar companies," an FTC spokesman said on Thursday.

However, shoddy security has also been found in numerous IoT products in recent years, and lately, security experts have been urging the U.S. government to issue tough regulations to stop the problem.

In D-Link’s case, the security flaws could have paved the way for hackers to spy on consumers and steal their data via a compromised web camera or internet router, the FTC claims. 

However, the Taiwanese company said it denies all the allegations found in the FTC's complaint and is "taking steps to defend the action."

The FTC's complaint, filed in the U.S. District Court for Northern California, is seeking an injunction against D-Link to prevent further violations.

In addition to D-Link, the FTC has also gone after PC maker Asus over similar problems found with its routers and cloud computing service. Asus agreed to a settlement with the FTC last February.    

IDG Insider

PREVIOUS ARTICLE

« T-Mobile looks to take the element of surprise out of wireless bills with flat pricing

NEXT ARTICLE

Xiaomi launches a new media router and an updated Mi TV 4, but just for China »
author_image
IDG News Service

The IDG News Service is the world's leading daily source of global IT news, commentary and editorial resources. The News Service distributes content to IDG's more than 300 IT publications in more than 60 countries.

  • Mail

Recommended for You

International Women's Day: We've come a long way, but there's still an awfully long way to go

Charlotte Trueman takes a diverse look at today’s tech landscape.

Trump's trade war and the FANG bubble: Good news for Latin America?

Lewis Page gets down to business across global tech

20 Red-Hot, Pre-IPO companies to watch in 2019 B2B tech - Part 1

Martin Veitch's inside track on today’s tech trends

Poll

Do you think your smartphone is making you a workaholic?