One security expert said one possibility would be for the U.S. to ban sales of the most insecure devices. “Regulations which ban the sale of horribly secured devices in the U.S. might cause vendors to fundamentally improve the security of their devices for everyone with a global impact, because manufacturers want to be able to sell into the U.S.,” said Mark Dufresne, director of threat research and adversary prevention at security provider Endgame.
However, Dufresne said it is impractical for Warner to suggest that an ISP block a device’s access to the internet.
“Vulnerable devices are all over the globe,” he said. “Even if we got rid of all of them in the U.S., it really wouldn’t matter. The botnet is huge and can still target U.S. systems. ISPs may not be able to identify downstream devices with confidence and might miss some while mistakenly turning some off.”
Sign up for Computerworld eNewsletters.