Computer security researchers said this week they discovered a large "botnet" which infected Internet-connected home appliances and then delivered more than 750,000 malicious emails.
The California security firm Proofpoint, Inc, which announced its findings, said this may be the first proven "Internet of Things" based cyberattack involving "smart" appliances.
Proofpoint said hackers managed to penetrate home-networking routers, connected multi-media centres, televisions and at least one refrigerator to create a botnet, or platform to deliver malicious spam or phishing emails from a device, usually without the owner's knowledge.
Security experts previously spoke of such attacks as theoretical.
But Proofpoint said the case "has significant security implications for device owners and enterprise targets" because of massive growth expected in the use of smart and connected devices, from clothing to appliances.
"Proofpoint's findings reveal that cyber criminals have begun to commandeer home routers, smart appliances and other components of the Internet of Things and transform them into 'thingbots,'" to carry out the same kinds of attacks normally associated with personal computers.
The security firm said these appliances may become attractive targets for hackers because they often have less security than PCs or tablets.
Proofpoint said it documented the incidents between 23 December and 6 January, which featured "waves of malicious email, typically sent in bursts of 100,000, three times per day, targeting enterprises and individuals worldwide."
More than 25% of the volume was sent by things that were not conventional laptops, desktop computers or mobile devices. No more than 10 emails were initiated from any single device, making the attack difficult to block based on location.
"Botnets are already a major security concern and the emergence of thingbots may make the situation much worse," said David Knight at Proofpoint.
"Many of these devices are poorly protected at best and consumers have virtually no way to detect or fix infections when they do occur.
"Enterprises may find distributed attacks increasing as more and more of these devices come online and attackers find additional ways to exploit them," the company said.
Source: AFP via I-Net Bridge
For more than two decades, I-Net Bridge has been one of South Africa’s preferred electronic providers of innovative solutions, data of the highest calibre, reliable platforms and excellent supporting systems. Our products include workstations, web applications and data feeds packaged with in-depth news and powerful analytical tools empowering clients to make meaningful decisions.
We pride ourselves on our wide variety of in-house skills, encompassing multiple platforms and applications. These skills enable us to not only function as a first class facility, but also design, implement and support all our client needs at a level that confirms I-Net Bridge a leader in its field.
Go to: http://www.inet.co.za
