NPR : News

Filed Under:

What Do You Do If Your Refrigerator Begins Sending Malicious Emails?

The thing about the Internet of Things, which describes the near future in which all our devices and appliances are connected to the Internet — and one another — is that suddenly they're vulnerable to the dark side of constant connectivity, too. Cybersecurity folks point out it "opens a Pandora's Box of security and privacy risks that cannot be ignored," writes Christophe Fabre, CEO of software services vendor Axway.

Just on the heels of Google joining the smart appliances frontier, the security firm Proofpoint Inc. reports it has uncovered one of the first Internet of Things cyberattacks. (The firm gets hired to, among other things, monitor the email gateways for hundreds of companies, scan them and analyze them for nefariousness.)

Included in the attack were smart TVs, wireless speakers and at least one refrigerator. It turns out refrigerators can send out emails, so just as your email can be hacked, your fridge can, too.

"People should be concerned because unlike PCs and laptops where there are tools and user interfaces where you can tell if something is wrong, there's not a lot to help you tell if your fridge or home audio system has been compromised," says David Knight, general manager of information security for Proofpoint.

Here's how the company says it worked: Sometime between Dec. 23 and Jan. 6, hackers commandeered home routers and the like and used them to send out malicious emails to grow their botnet, or, army of infected devices. Botnets — and now, "ThingBots" — can be used by hackers to perform large-scale cyberattacks against websites by drowning them with traffic.

So as consumers are beginning to buy Internet-connected appliances, Knight says consider the security of those devices, too. And that companies haven't done enough to protect appliances from hacks.

"Many of these devices, without picking on manufacturers, are running old software with known vulnerabilities. They've got very insecure default passwords like [username] admin [password] admin," Knight says. The net effect for consumers, he says — other than degraded machine performance because of compromised software — is that their machines will be busy sending malicious messages "instead of playing music or doing whatever they're supposed to be doing," he says. "They also might cease to function or not be reachable for their intended purpose."

When we learned that a fridge was hacked, my editor wanted to know what was in the fridge, since Proofpoint could easily log into it. But the firm said it didn't peek.

"We chose not to pry into the privacy of this person's refrigerator," Knight says.

Copyright 2014 NPR. To see more, visit http://www.npr.org/.

WAMU 88.5

Art Beat With Lauren Landau, April 21

You can see a visual art exhibit that’s all about birds or check out two Shakespeare plays at a local theater.

NPR

Soup to Nuts, Restaurants Smoke It All

While you won't find cigarettes in restaurants anymore, some smoking isn't banned. It's not just meat, either; it's hot to smoke just about anything edible.
NPR

Obama Trip To Focus On Relations With Asia

President Obama is about to leave on a week's visit to 4 Asian countries. It's the latest effort to refocus U.S. foreign policy on Asia. Like earlier efforts, it's struggling to ward off distractions.
WAMU 88.5

Taking Transit Information Off Mobile Devices And Onto Public Displays

A transportation signage company is trying to change the way D.C. commuters make their transit decisions.

Leave a Comment

Help keep the conversation civil. Please refer to our Terms of Use and Code of Conduct before posting your comments.