Your IoT thermostat is connected to all of your other household IoT devices, as well as the open-internet. What’s to say that the attack isn’t being managed by another of, or maybe all of, your other connected devices? Or perhaps another vulnerable device is reporting to a central server the moment a new vulnerable device is added to your network? Which do you eliminate after you’ve chucked your thermostat? The new thermostat? Your IoT doormat? How can you know?
1 Like
