What Do You Do If Your Refrigerator Begins Sending Malicious Emails? | WAMU 88.5 - American University Radio

NPR : News

Filed Under:

What Do You Do If Your Refrigerator Begins Sending Malicious Emails?

The thing about the Internet of Things, which describes the near future in which all our devices and appliances are connected to the Internet — and one another — is that suddenly they're vulnerable to the dark side of constant connectivity, too. Cybersecurity folks point out it "opens a Pandora's Box of security and privacy risks that cannot be ignored," writes Christophe Fabre, CEO of software services vendor Axway.

Just on the heels of Google joining the smart appliances frontier, the security firm Proofpoint Inc. reports it has uncovered one of the first Internet of Things cyberattacks. (The firm gets hired to, among other things, monitor the email gateways for hundreds of companies, scan them and analyze them for nefariousness.)

Included in the attack were smart TVs, wireless speakers and at least one refrigerator. It turns out refrigerators can send out emails, so just as your email can be hacked, your fridge can, too.

"People should be concerned because unlike PCs and laptops where there are tools and user interfaces where you can tell if something is wrong, there's not a lot to help you tell if your fridge or home audio system has been compromised," says David Knight, general manager of information security for Proofpoint.

Here's how the company says it worked: Sometime between Dec. 23 and Jan. 6, hackers commandeered home routers and the like and used them to send out malicious emails to grow their botnet, or, army of infected devices. Botnets — and now, "ThingBots" — can be used by hackers to perform large-scale cyberattacks against websites by drowning them with traffic.

So as consumers are beginning to buy Internet-connected appliances, Knight says consider the security of those devices, too. And that companies haven't done enough to protect appliances from hacks.

"Many of these devices, without picking on manufacturers, are running old software with known vulnerabilities. They've got very insecure default passwords like [username] admin [password] admin," Knight says. The net effect for consumers, he says — other than degraded machine performance because of compromised software — is that their machines will be busy sending malicious messages "instead of playing music or doing whatever they're supposed to be doing," he says. "They also might cease to function or not be reachable for their intended purpose."

When we learned that a fridge was hacked, my editor wanted to know what was in the fridge, since Proofpoint could easily log into it. But the firm said it didn't peek.

"We chose not to pry into the privacy of this person's refrigerator," Knight says.

Copyright 2014 NPR. To see more, visit http://www.npr.org/.

NPR

Adding Color To 'The Great White Way'

NPR's Michel Martin asks a panel of award-winning playwrights how diverse artists are challenging Broadway's landscape, and whether it matters.
NPR

Syrup Induces Pumpkin-Spiced Fever Dreams

Hugh Merwin, an editor at Grub Street, bought a 63-ounce jug of pumpkin spice syrup and put it in just about everything he ate for four days. As he tells NPR's Scott Simon, it did not go well.
NPR

Texas Gubernatorial Candidates Go To The Border To Court Voters

Republicans have won every statewide office in Texas for 20 years, but the growing Hispanic population tends to vote Democrat, and the GOP's survival may depend on recruiting Hispanic supporters.
NPR

Drivers, Passengers Say Uber App Doesn't Always Yield Best Routes

People love Uber, but they often complain the Uber app's built-in navigation doesn't give its drivers the best directions. The company says the app helps drivers and passengers travel efficiently.

Leave a Comment

Help keep the conversation civil. Please refer to our Terms of Use and Code of Conduct before posting your comments.