Thanks to Silicon Valley’s new idea of an “internet of things,” also called the IoT, a refrigerator has been caught sending out spam, but not the edible kind. Hackers took over the refrigerator as well as a wide variety of household objects and used them as servers to send out spam email messages to thousands of people. Over 750,000 spam messages were sent in batches of 100,000 each several times per day.
The attack was global, and due to the way the hackers undertook their project, virtually untraceable. It was designed to take over household “smart” gadgets like home media systems, computers, phones and even televisions. The hackers were successful in taking over 100,000 personal devices and then using those objects to send out the spam emails.
The attack is being blamed, in part, on insufficient security set up on the so-called “smart” devices. Experts involved in the case say that these types of attacks are becoming much more common and that there’s no way at the present time to ensure homeowners would know how to prevent an attack from occurring or fix the device once it’s been compromised.
If the idea of hackers tapping into home owners’ private gadgets weren’t creepy enough, the attack, collectively, has been given a name straight out of a horror movie: a “thingbot.” To complicate matters even further, there’s now a sort of “war of the nerds” going on between techies with regard to whether the compromised devices really included a refrigerator or not. Blogger Dan Goodin of the tech blog Arstechnia has doubts about whether the attack definitely included refrigerators and televisions. He says the attacks could have all stemmed from people’s home computers. Apparently he feels that there is some important distinction between a computer and a refrigerator, as if the attack coming from someone’s home computer is any less scary than one stemming from a refrigerator.
Goodin says that while the reports are “plausible,” he has doubts, and asks “Isn’t it possible that a home network with a misconfigured smart device might also have an infected Windows XP laptop that was churning out the malicious e-mails?”
Does it really matter which device sent the spam emails? Hackers broke in to devices in people’s private homes. If a refrigerator is a “smart” device, then it’s essentially a computer with other components. It’s odd when technology evangelists treat computers as if they are alive, have personalities or are somehow distinct from one another.
Despite Goodin’s skepticism, the company that identified the attack, Proofpoint, says it’s clear that a quarter of the messages did not come from computers, either laptops or desktops. That leaves the rest of the households’ smart devices which participated in the incident.
It seems that a refrigerator has been caught sending out spam. The edible kind would have been so much better. It would also be a lot easier to swallow than the thought of hackers breaking in to private homeowners’ gadgets; computers or otherwise. Hopefully the incident will shed light on the need for much stricter security measures to be implemented in these so-called “smart” products.
By: Rebecca Savastio