Maybe you didn’t shop at Target, and maybe even the NSA shenanigans don’t freak you out all that much. But what if you learned that your refrigerator or television were spying on you — or, at least, facilitating the spying of others? It seems that all those smart gadgets have made some consumers vulnerable to a recent cyberattack.
Security provider Proofpoint, Inc. recently announced evidence of a cyberattack that exploited the ubiquitous “Internet of Things” (which happened to be the theme of this year’s CES) at some point between December 23, 2013 and January 6, 2014. They believe the global attack came from over 100,000 common household objects, such as networking routers, televisions, and at least one smart refrigerator and resulted in at least 750,000 phishing and spam emails. The malicious emails came three times a day in waves of 100,000, and over 25% of those emails were sent by devices other than computers.
Hackers and cyber-criminals can turn smart appliances and other connected devices into “thingbots” that will conduct whatever malicious activity floats the criminals’ boats. Identify theft is a particular concern, given that these devices can provide entry to most, if not all of the personal information someone would need to access accounts, passwords, and other personal information. In the recent attack, a single IP address generated fewer than 10 emails, which makes identifying and blocking such attacks much more difficult. Proofpoint isn’t sure whether the attacks were random or focused on specific targets, nor have they confirmed the identities of the victims or the extent or success of the breach.
Given that internet-connected devices already outnumber people (at least in America) and are expected to quadruple in number over the next few years — the International Data Corporation believes that by 2020, there will be over 30 billion connected devices on Earth. Smart devices pose an increasing security risk for their owners, especially because they’re generally far less protected (if they’re protected at all) from viruses or breaches than PCs.
I guess where there’s a vulnerability, there’s a market — someone will come up with software and firewalls to protect our smart devices. But at the same time, hackers and cyber-criminals will continue to get better at infiltrating our information through our devices. This doesn’t make me feel any better about Google’s foray into smart appliances, nor their development of smart contact lenses (more on this tomorrow). At some point in the future, we’ll probably feel nostalgic for the simple days when computers were the only targets of hackers. And I sure as hell don’t want someone hacking my bra!