You probably knew that the Internet is inherently unsecure. And you probably knew that 80% of email is spam. But did you know that any appliance that is connected to the net and is running some sort of OS, can be taken over and turned into a zombie mass mailer? This is what happened to a lowly fridge connected to other 100,000 objects, many of them appliances. The news should be sobering indeed.
Special note to my COM 435 students: What do you make of this story?
With the rise of the Internet of Things comes a lot of convenience, such as smart fridges that let you access the internet and call for service in the case of malfunction, or devices that can monitor your energy usage and send you Twitter updates.It also comes with a new problem: many of these internet-connected devices don’t have malware protection. And it’s now been documented that someone is taking advantage. Security company Proofpoint has discovered a botnet attack — that is, a cyber attack whereby the attacker hijacks devices remotely to send spam — incorporating over 100,000 devices between 23 December and 6 January, including routers, multimedia centres, televisions and at least one refrigerator.The attack sent out over 750,000 spam emails, in bursts of 100,000 emails at a time, three times a day, with no more than 10 emails sent from any one IP address, making them difficult to block. Over 25 per cent of the emails were sent from devices that weren’t conventional computers or mobile devices. It is the first documented case of common appliances being used in a cyber attack — but that doesn’t necessarily mean it was the first time it occurred, and it certainly won’t be the last.