Proofpoint reveals ‘Internet of things’ cyberattack

Sections: Features, HVAC, Internet of Things, Lighting control, Remote control, Security, Smart Home

submit to reddit

Image courtesy of Proofpoint


Today Proofpoint, a security service provider, put out a press release that reveals a cyberattack coming from smart appliances–the first such documented Internet of Things (IoT) attack. More than 750,000 malicious emails were sent from 100,000+ compromised connected home appliances and gadgets, including routers, TVs, and a connected fridge. Considering that the market is flooded with such devices, it brings up some important security questions. Questions that the homeowner may not think to ask. Here’s how Proofpoint described the implications:

Proofpoint’s findings reveal that cyber criminals have begun to commandeer home routers, smart appliances and other components of the Internet of Things and transform them into “thingbots” to carry out the same type of malicious activity. Cyber criminals intent on stealing individual identities and infiltrating enterprise IT systems have found a target-rich environment in these poorly protected internet connected devices that may be more attractive and easier to infect and control than PC, laptops, or tablets.

Apparently, the attack was pretty easy to execute, with the hackers using default passwords that left the devices completely exposed. Unlike computers that either have built-in protection, like Macs, or protective software, the study exposed the great vulnerability that IoT devices have, with “virtually no way to detect or fix infections when they do occur.”

Everything–from smart thermostats to security cameras to microwaves to smart TVs–is at risk. This is a huge blow to major manufacturers like Samsung, Bosch, LG, and others, who just launched major connected appliances for 2014. Just yesterday we reported on Apple’s absence from the smart home market. After this news, it seems like maybe there is some prudence to their delay. Considering that the iOS platform is known to be attack-proof, we look forward to an iOS smart home with built-in protection for a worry-free smart home. We also reported today on the security of wireless locks, in which both manufacturers we interviewed–Yale and Kwikset–reiterated the importance of a well-protected home network. Stay tuned for developments.

Print Friendly