Vigilante Cyber-Justice in the Wild, Wild IoT

  • May 05, 2017
  • Feature
Vigilante Cyber-Justice in the Wild, Wild IoT
Vigilante Cyber-Justice in the Wild, Wild IoT

By Alan Grau, President & Co-Founder, Icon Labs

Stories of vigilante justice during the “wild, wild west” period in US history are legendary.  According to legend, outlaws roamed cattle towns and remote settlements overwhelming law enforcement and thriving wherever law enforcement was lax. Whenever things got too bad, citizens would sometimes band together and try to take matters into their own hands, dishing out retribution in a way that sometimes served justice and at other times, resulted in new crimes more heinous than the original offense.    

Recently, with a lax environment for IoT device cyber-security, a hacker, self-proclaimed as “The Janitor,” launched his or her own vigilante style cyber-attack. The attack targeted devices that failed to meet basic cyber-security requirements, such as not requiring end users to change default passwords.  The attack modified critical code and/or data stored on these devices to “brick” the devices thereby rendering them unusable. 

The Janitor, in a manifesto released accompanying the cyber-attack, said he likes to think of himself as “The Doctor” and described the attack as a sort of “cyber-chemotherapy.”  Just as chemotherapy is an extreme action taken to rid the body of harmful cells, his cyber-attack would rid the Internet of IoT devices he felt contributed to the Internet becoming “seriously ill.” 

The recent Mirai attack, in which thousands of insecure IoT devices were used to create a botnet that launched cyberattacks, was cited as justification.  His rationale was that these unprotected devices leave us all vulnerable to cyber-attacks that could inflict serious damage on us as a society.  As you may recall, last year’s Mirai DDoS attack shut down the websites of major companies, bringing e-commerce to a halt in some locations.  The Doctor wants to prevent these types of attacks from happening again.

The Doctor’s actions, while clearly illegal, highlight an important issue.  Despite the growing threat of attack, companies are not adequately investing in security. 

And until companies appreciate the risk involved in distributing unsecured devices, cyber-attacks will continue to occur.  Regardless of the motivation behind the attack, ultimately, it is those OEMs that produce products lacking security that are mostly to blame.  Just as societies without strong law enforcement result in higher crime rates and vigilante justice, lax security results in increased cybercrime.

About Icon Labs

Icon Labs, a 2014 Gartner “Cool Vendor” and 2015 Gartner “Select Vendor”, is a provider of embedded software for device security, device protection, and networking management. They are known for their award-winning Floodgate Defender and Floodgate Security Framework products. The Floodgate Certificate Authority (CA) and Public Key Infrastructure (PKI) Client offer manufacturers easy and efficient integration of certificate-based machine-to-machine authentication. Founded in 1992, Icon Labs is headquartered in West Des Moines, Iowa, USA 

About the Author

Alan Grau is the President and cofounder of Icon Labs, a leading provider of security solutions for IoT and IIoT devices. You can reach him at


Learn More

Did you enjoy this great article?

Check out our free e-newsletters to read more great articles..