‘Smart’ home appliances vulnerable to malicious hackers


The first ever cyber attack on “smart” home appliances occurred between December 23, 2013, and January 6, 2014. An investigation launched by security firm Proofpoint finds that hackers had broken into household appliances, such as refrigerators, televisions and routers. The hackers were able to send hundreds of thousands of malicious emails from compromised household “smart” appliances which are hooked up to insecure internet networks. Other smart appliances can include things like smoke detectors and thermostats.

Internet-connected appliances can now be invaded and used as hacker havens

In just two weeks, hackers had invisibly invaded multiple homes and sent over 750,000 malicious emails from random “smart” household appliances. Is your thermostat a hacker haven?

Proofpoint said the cyber attacks also included compromised laptops and tablet devices, but the most stunning hijackings were found in various household appliances. At least 25 percent of the cyber hijackings involved non-traditional internet-connected appliances, making it the first proven breach of smart appliances. These smart appliances are part of a new tech trend, referred to as the “internet of things,” which is a network of appliances all connected and controllable by the internet.

“The ‘Internet of Things’ holds great promise for enabling control of all of the gadgets that we use on a daily basis,” said Michael Osterman, principal analyst at Osterman Research, “But it also holds great promise for cybercriminals… to launch large and distributed attacks.”

These distributed attacks can be launched to attack individuals or entities at the rate of 100,000 or more emails a day, as seen in this investigation. These internet-of-things devices usually go unprotected by anti-spam and antivirus programs and are hardly ever monitored by alerting software that reminds users to patch new security issues as they arise.

Hackers exploit compromised devices to create a botnet attack platform

Hackers take over the appliances by linking up compromised devices to create a botnet. A botnet is like an army of “zombie devices” that are used to attack other computers by performing tasks such as overbearing a website with traffic.

In this instance, the hackers sent out mass, malicious spam emails in their botnet attack. This botnet method is becoming harder to track, thanks to an ever expanding network of internet-connected devices and insecure public networks.

Growing networks of internet-connected devices make cyber attacks hard to track

The Gartner research firm expects that by 2020 more than 30 billion internet-connected devices could be in use worldwide. To put that in perspective, there were approximately 2.5 billion internet-connected devices in people’s hands in 2009. As more devices go online, privacy is likely to be sacrificed for mere convenience.

And with so many new household gadgets entering the marketplace, security firms like Proofpoint are finding it harder to track privacy breaches and cyber attacks, as solutions to protect mobile devices becomes a battlefield.

For instance, the recent attacks investigated by Proofpoint found that hackers launched no more than 10 emails from any single IP address. Proofpoint said that many of the hijackings were initiated in devices that were not set up correctly, were performed in internet connections that used default passwords or were conducted on easy to find public networks.

The newest hardware “smart” appliances hitting the marketplace are Google’s newly acquired Nest, which is a thermostat and smoke detector company that was purchased for $3.2 billion.

As the convenience of internet-connected devices grows in popularity, how might regular household appliances become a data-collecting mine, a privacy-breaching haven or a hacker’s launch pad?

Sources for this article include:

http://www.rt.com

http://www.nbcnews.com

style="display:inline-block;width:728px;height:90px"

data-ad-client="ca-pub-8193958963374960"

data-ad-slot="6833476334">



Comments
comments powered by Disqus

RECENT NEWS & ARTICLES