It doesn't really matter who was firing the shot, so much as all those loaded, pwn3d weapons remaining in the wild that can be pressed into service again and again. This is not the first such event, it's at least the third. It won't be the last either, and the only way I can see to stop it is to permanently dismantle the IoT until it can be rebuilt from the ground up with security in mind. If security is too hard for the poor vendors and end users, then don't rebuild it. The health of the network as a whole is far more important than any single purpose for which it is used -- besides which, the devices can't be trusted to do their jobs anyhow once they've been pwn3d.
Make the vendors take them back in a recall -- could be a service recall in which they are made field-upgradable, or if they're hard-coded then they get the Galaxy Note 7 treatment as the hazards they are. Those who won't take them back should be cited under FCC Part 15 rules and have their certifications revoked and fines levied. It is easily provable that the devices are "causing harmful interference". It's time to get them off the network. Like yesterday.