A security company, Proofpoint, claims to have uncovered a hacking involving a refrigerator and televisions — and 750,000 malicious emails.
Appliances and all sorts of gadgets now have Internet connections. Experts have warned about the potential of such appliances and other gadgets being used in cyber attacks. Proofpoint claims to now have evidence of one of these attacks using such devices. This would be the first time such an attack using devices which are not conventional computers has actually been reported
From Dec. 23 through Jan. 6, malicious emails were sent in waves of 100,000 from all sorts of devices connected to the Internet, Proofpoint says.
The company says the attack included more than 750,000 phishing and spam emails in all. Over 25 percent of the volume of the emails were sent from devices that were not conventional laptops, desktops or mobile devices. Hacked devices included routers, smart TVs, and at least one smart refrigerator. An official Proofpoint report explains:
“No more than 10 emails were initiated from any single IP address, making the attack difficult to block based on location – and in many cases, the devices had not been subject to a sophisticated compromise; instead, misconfiguration and the use of default passwords left the devices completely exposed on public networks, available for takeover and use.”
So, the next time you grab your lunch from the company lunch room, you may be stumbling on a cyber attack. For devices that are connected somehow to the “Internet of Things,” be sure they are as secure as anything else.
According to proofpoint, most such devices aren’t protected by anti-spam or anti-virus infrastructure available to organizations and individuals. They also rarely have dedicated IT teams or software to address new security issues as they arise the way conventional computers do.
In the report, Proofpoint adds:
“The result is that Enterprises can’t expect IoT-based attacks to be resolved at the source; instead, preparations must be made for the inevitable increase in highly distributed attacks, phish in employee inboxes, and clicks on malicious links.”
The company says such smart devices are expected to grow to four times the number of conventional laptops, desktops and mobile devices over the next few years. So businesses must be aware of the risks.
Smart TV Photo via Shutterstock