Fridges and smart TVs are now the targets of cybercrime
As we enter the internet-of-things era, where all manner of devices in our homes can be connected to the web and earn a “smart” prefix, it also brings concerns of new security issues. Many of these web-connected devices run custom operating systems that are often only developed to perform basic tasks, and security isn’t one of them.
Proofpoint’s report shows that more than 100 000 devices were involved in a scheme where 750 000 malicious emails were sent. It also comes shortly after another report from Prolexic about Android smartphones being prone to malware that would enable similar attacks – and a few months after it was discovered that point-of-sale systems, running embedded versions of Windows, were used to steal credit card data.
As more consumer electronics manufacturers release smart devices, security will be come a major concern. Smartphones can have their malware easily removed and users are able to monitor data or notice when battery life takes a dip (due to data-hogging malware), but who’s going to notice when their internet fridge is going on a spam rampage?
Samsung, LG, Hisense, and others already sell smart TVs in the South African market – and for those who’ve connected their TVs to the internet it’s just another thing to worry about. We can only hope those manufacturers take proactive steps when it comes to updating the security holes in the software for their smart TVs. Samsung already issues frequent updates, but those are only offered to users when they enter the smart hub. Software will remain on older versions until users opt for the update, which the TV can check for automatically.
These aren’t the only threats. While nobody’s officially sold an internet-connected fridge in South Africa, the time will come. And those will be joined by toasters, microwaves, washing machines, security cameras, and more. Basically, anything connected to the internet is fair game when it comes to hackers finding exploits. Since there’s money to be made from selling resources on these botnets, they’ll have the financial motivation to find the weaknesses in those systems.
It’s made worse, still, by those devices not having access to the same firewalls and security measures that our computers and smartphones have. Put simply, this report won’t be the first, but it does show that manufacturers of connected devices have to start focussing on proper security protocols before things get out of hand.
There are already industry bodies for most major standards, and the formation of a smart device security alliance is something that might just be needed.