For The First Time, Hackers Have Used A Refrigerator To Attack Businesses


Userlevel 7
Badge +54
Security researchers at Proofpoint have uncovered the very first wide-scale hack that involved television sets and at least one refrigerator.

Yes, a fridge.
 



This is being hailed as the first home appliance "botnet" and the first cyberattack from the Internet of Things.

A botnet is a series of computers that seem to be ordinary computers functioning in people's homes and businesses, but are really secretly controlled by hackers. The Internet of Things, is a new term in the tech industry that refers to a concept where every device in your house gets its own computer chip, software, and connection to the Internet: your fridge, thermostat, smart water meter, door locks, etc.

To a hacker, they all become computers that can be hacked and controlled.

In this case, hackers broke into more than 100,000 everyday consumer gadgets, such as home-networking routers, connected multi-media centers, televisions, and at least one refrigerator, Proofpoint says. They then used those objects to send more than 750,000 malicious emails to enterprises and individuals worldwide.
 
Full Article

10 replies

Userlevel 7
We all knew that such connected gadgets open the risk of hack...but running a Bot from a fridge? Now that's cool!

🙂
Userlevel 7
Cool?  The thought sends shivers up my spine.  Whatever next?  Can you imagine the chaos if they managed this with the washer/dryer and other domestic appliances that have a chip in them?  This smacks like the plot of "G-Force" 😉
Userlevel 7
Badge +35
Not really that much of a surprise. There has been speculation about what the security impact of the Internet of Things would be for some time - I guess we know now. @ wrote a blog on the subject nearly a year ago: GUEST BLOG: PREPARING TO SECURE THE INTERNET OF THINGS 
 
At least the refrigerators haven't started to seek out Sarah Connor - yet.
 
-Dan
 
 
Userlevel 7
No surprise at all to me.  My earlier comment was intended to be taken as nothing but  humor to a very serious post.
 
How would a fridge be able to be used in a botnet email campain?  Simple actually...  There are now appliances that have built in self diagnostic abilities.  At a press on the touchscreen, they can also email the manufacturer with that diagnosis for you so that the manufacturer and arrange for any needed repairs for you.
 
Smart?  Very.
 
Vulnerable?  It's connected, and obviously it is vulnerable as this hack has shown.
 
A major issue with this is: how do we protect devices such as these?  Obviously we can't install WSA or other AV's at this point in time.
Userlevel 7
The other prob more worrying thing to consider is that a lot of these good that have a custom OS really dont get updated very often (if ever) once they leave the manufacturer. So even if there is an issue nothing will be done unless they all use a standard OS (maybe a custom build of Android) that is easily updated.
 
Proper white goods tend to have a short lifespan so they are replaced rather than updated/fixed/rebuilt. Hence why getting firmware updates for older TV`s/DVD players can sometimes be next to impossible.
Userlevel 7
Like David, speaking seriously about this, this time I very much agree with you, Roy, that the major issue is the fact that no manufacturer is seriously going to do what MS does and continually patch security-related flaws in the simple & custom OSes that such white goods use.
 
Question is that how many hackers are going to waste their time on this until we are all very much more connected together, i.e., to the Internet, via such household devices...most likely a good few years given the initial cost of such devices.
 
But difinitively something to consider...as someone once said..."if it conatins a chip then it can be hacked"...:(
 
 
Userlevel 7
Badge +54
Well one question comes to my mind here.
Do household appliances really need to be connected to the internet? Maybe I am living in the past I don't know but I cannot really see the point.
Userlevel 7
There are actually now some that while they don't HAVE to be connected in order to do their intended function (keep food cold, wash clothes, dry clothes, etc) they do need an internet connection to use all secondary features.

There are appliances that when malfuntioning can self diagnose and contact the maker to schedule service.

Some fridges can not only track what is in it and what is on your shopping list, they can submit you order to online grocery services.

There are fridges with built in Smart TV displays: but it must be connected for you to watch Netflix while cooking.

Smart TV's don't need connection for satellite, but they do for the Smart features.

It is amazing what some of the high end models from the last couple years could do, and it just keeps getting even more so!
Userlevel 7
Badge +54
Where I live, we have a new Biomass boiler which as part of my job I have to look after and that has its own internet connection for the same reasons, in fact I keep an eye on what it is doing from on this computer. It just seems to me that the world is getting just a bit "too" connected.
Userlevel 7
Now that my friend is the "Smartest" thing I have seen posted for a long time! 😉

Reply