By Diane Bartz and Jim Finkle
Image Attribute: © 2013 Australian Government, Creative Commons Attribution 3.0 International License
WASHINGTON/BOSTON, Jan 5 (Reuters) - The U.S. Federal Trade Commission filed a lawsuit against D-Link Corp on Thursday, accusing the Taiwan-based manufacturer of failing to take reasonable steps to protect its routers and internet-linked security cameras from hackers.
The FTC brought the charges as part of a broader effort to improve the security of internet-connected devices, including routers, webcams, digital video recorders and other widely used consumer electronics devices.
The company said the claim is without merit.
"D-Link denies the allegations outlined in the complaint and is taking steps to defend the action," it said in a statement. "The security of our products and protection of our customer's private data is always our top priority."
Concerns about the security of internet-connected devices, which are sometimes referred to collectively as the internet of things, or IoT, have surged since last year when hackers used armies of compromised routers, webcams and other electronic devices to launch a series of increasingly powerful attacks that severed access to some of the world's biggest websites.
Security experts blamed those attacks on lax security in large numbers of IoT devices from dozens of manufacturers. They have called on the industry to better secure their equipment, removing easy-to-exploit vulnerabilities such as the use of default passwords that give hackers the keys to remotely access machines over the web.
Allison Nixon, director of security research with cyber intelligence firm Flashpoint, said the FTC's action could encourage IoT manufacturers to beef up security.
"I think vendors are going to take it seriously," she said. "The IoT world needs to shape up quickly because this is a big problem."
The FTC's complaint alleged that D-Link neglected to protect the devices from "widely known and reasonably foreseeable risks of unauthorized access," even as it highlighted security features in communications with consumers.
The FTC asked the U.S. District Court for the Northern District of California to order D-Link to improve its security practices and to pay the agency's legal costs. The agency filed the case after issuing guidelines on securing IoT devices in 2015.
FTC commissioners voted 2-1 to approve the filing of the lawsuit. The Democratic chairwoman Edith Ramirez and commissioner Terrell McSweeny voted yes, but the lone Republican commissioner, Maureen Ohlhausen, opposed the filing of the lawsuit.
(Reporting by Diane Bartz, editing by G Crosse and Bernard Orr)
(c) 2017 Thomson Reuters
Also read: Vulnerability in many D-LINK routers called Joel’s Backdoor patched: SSO Alert Priority Moderate [ Australian Government | Department of Communications and the Arts | Dated: December 16, 2013]