Could your smart fridge be a magnet for criminals in the future?
Imagine a scenario where your smart fridge e-mails you to say that you are running out of orange juice or that your milk bottle is about to expire. That’s useful and rather cool. Now, imagine a scenario where your smart fridge emails you an ad for some primo male enhancement pills. Not so cool!
This is more or less what happened last January to at least one fridge in the first documented attack of its kind. More specifically, the Internet of Things has been used as part of an attack that sent out over 750,000 spam emails. So-called “smart” appliances including multimedia centers, TV and yes, a fridge, were being used to send spam and “phishing” e-mails containing malware to steal useful information such as passwords. The attack sent out over 750,000 spam emails, in bursts of 100,000 emails at a time, three times a day, with no more than 10 emails sent from any one IP address, making them difficult to block.
Smart devices are full-fledged computers, and the Internet is a two-way street. Once a device is online, people other than its owners may be able to connect to it and eventually compromise it. Unfortunately, security is often lax, or non-existent as smart devices lack many of the protections available to desktop computers such as antivirus programs and regular security updates from software-makers. Additionally, the economics of the smart-device business currently mean that few sellers are taking security seriously.
“Botnets are already a major security concern and the emergence of thingbots may make the situation much worse. Many of these devices are poorly protected at best and consumers have virtually no way to detect or fix infections when they do occur. Enterprises may find distributed attacks increasing as more and more of these devices come online and attackers find additional ways to exploit them.” – David Knight from Internet firm Proofpoint.
With the rise of the Internet of Things, this could prove to be a significant problem. Spam e-mails are annoying, but worse could be possible. Imagine someone writing some malware that takes over air conditioners, and then turns them on and off remotely to bring down a power grid.
After all, paranoia is reality seen on a finer scale.