If you’ve been reading through our CES coverage, you’ll have seen the next wave of smart appliances designed to make our lives easier: Grills, mattresses, dishwashers and toothbrushes are all getting more intelligent, but this built-in computing power comes with a new set of security risks. Security service vendor Proofpoint has uncovered a worldwide hacking attack that has affected over 100,000 smart gadgets, using the compromised devices to pour out spam and phishing messages across the Web.
Affected hardware includes smart television sets, routers, multimedia centers and even the odd Web-enabled refrigerator. More than 25 percent of the infected devices fell outside of the usual computer, laptop and mobile categories according to Proofpoint, which means the onrushing ‘Internet of Things’ has some serious security gaps to plug before it begins to be adopted by the mainstream market.
“Bot-nets are already a major security concern and the emergence of thingbots may make the situation much worse,” said Proofpoint’s David Knight. “Many of these devices are poorly protected at best and consumers have virtually no way to detect or fix infections when they do occur. Enterprises may find distributed attacks increasing as more and more of these devices come online and attackers find additional ways to exploit them.”
The International Data Corporation (IDC) predicts that up to 200 billion devices — from games consoles to thermostats — will be hooked up to the Internet by 2020, and each piece of hardware is going to need integrated antivirus and antispam protection to fight these kind of attacks. Unlike operating systems or mobile apps, the software built into smart TVs and home appliances isn’t updated on a regular basis, making the issue even more of a concern.
Proofpoint found that the hacking attack sent out over 750,000 malicious email communications between December 23 and January 6. Osterman Research analyst Michael Osterman commented on the report’s findings: “The ‘Internet of Things’ holds great promise for enabling control of all of the gadgets that we use on a daily basis. It also holds great promise for cybercriminals who can use our homes’ routers, televisions, refrigerators and other Internet-connected devices to launch large and distributed attacks… few vendors are taking steps to protect against this threat, and the existing security model simply won’t work to solve the problem.”
The attack raises important issues about the security of our new, smarter homes: You might find yourself having to run a virus scan before hooking up your next super-intelligent refrigerator.