Why We Can’t Stop Talking About Information Sharing
I know — it’s a tired topic. So much has been written about information sharing that it can feel like white noise. Yet, it remains a critical issue that we haven’t quite solved.
During a recent trip to China, I heard a recurring concern: “People no longer share vulnerabilities with us.” When I mention this back home, the common retort is, “Well, of course — their state actors will just use that data to attack us.”
This perspective is shortsighted. Despite an increasingly toxic geopolitical climate, global trade remains robust. Internet-enabled products — ranging from smart Christmas lights to components in nuclear power plants — continue to cross borders. When those products move, their vulnerabilities move with them.
The Supply Chain Reality
Today’s internet-connected devices are ubiquitous and rely on opaque supply chains. While Software Bills of Materials (SBOMs) are an attempt to bring order to this chaos, the market’s preference for “cheap” over “secure” means many devices remain a “mumbo jumbo” of unverified components. Vulnerabilities in these shared building blocks can have disastrous downstream effects.
A stark example is the Kimwolf botnet, recently exposed by XLab. It has infected millions of Android devices — primarily low-cost TV boxes — by exploiting exposed ADB services and tunneling through residential proxy networks. These devices, often chosen for their price point rather than their provenance, become launchpads for massive DDoS attacks and traffic proxying.
The Duty to Respond
If we stop reporting issues because we assume “the others don’t care” or “they will misuse the data,” we fundamentally misunderstand the stakes. CSIRTs (Computer Security Incident Response Teams) are effective because they share; they fail when they sit on information.
Of course, responsibility exists on the recipient side, too. According to the EthicsFirst framework, there is not only a “duty to inform” but also a “duty to acknowledge” — which implies a duty to react and remediate.
The TL;DR: Withholding information leads to a decline in security for everyone. It sabotages the very foundation upon which FIRST is based: improving security together.
Published on FIRST POST: Oct-Dec 2025.
Thu, 08 Jan 2026 00:00:00 +0000