Malware Invades the Internet of Things

by Matt Klassen on January 27, 2014

In 2011 online security firm McAfee warned that the proliferation of connected devices in non-traditional markets would only increase the threat from malware and other malicious cyber-attacks, stating that while having one’s smartphone hacked is certainly a troublesome headache, just imagine how bad things would be if your car, or perhaps even home appliances like your fridge or toilet, fell victim to a hacker.

At the time the warnings fell on deaf ears, most considering such caution to be fear-mongering from a firm trying to better situate itself for the growing ‘connected everything’ future. Since then the expansion of the otherwise known Internet of Things has continued unabated, with online functions now in our televisions, home appliances, home systems, and everything else in between, both manufacturers and users blissfully ignorant of the latent threat those devices now pose.

With that in mind, you can imagine how quickly the collective ears of the security world perked up when a recent report indicated that web-connected refrigerators, a hallmark of pointless online functionality, have been turned against their users, recruited in a massive botnet attack that has realized our SkyNet related fears of our essential technologies being turned against us. If this report proves true, it would serve as the first instance of Internet-connected appliances being comprised in this way, but the question remains, is the news accurate?

According to Proofpoint, the security firm that initially published this report, this botnet has recruited over 100,000 machines across the ever-expanding gamut of web-connected appliances, and notably has sent no more than 10 pieces of email spam per IP address. If true, this means that one of the largest botnets in history is working covertly to turn our fridges against us, keeping our food fresh and sending fresh spam to us at the same time.

But as tech website Ars Technica notes, not everything may be as it seems with Proofpoints report, and the media and tech world, both desperate for a security hiccup in this Internet of Things, has drank the Kool Aid without first doing their due diligence. The problem is first that the size of a botnet and what sorts of devices are being used are difficult to estimate, particularly using the Proofpoint’s technique of scanning public IP addresses.

Further, sending only 10 spam messages per IP address in a botnet is unusual. “Traditional spam botnets will push infected PCs to send as many messages as its resources allow,” said Ars reporter Dan Goodin. “The botnet reported by Proofpoint requires too much effort and not enough reward.”

While we await confirmation either of Proofpoints findings or Ars Technica’s suspicions, you can bet that there are many hoping for some evidence that their concerns surrounding our reckless expansion of the Internet have finally proved true, not to mention those who just want to laugh at the irony that our most trusted home appliances have been turned against us, because the truth of the matter is, regardless of the veracity of this report, its inevitable that malware will invade the Internet of Things…I just hope I’m not sitting on the toilet when it does.

Did you like this post ? publishes daily news, editorial, thoughts, and controversial opinion – you can subscribe by: RSS (click here), or email (click here).

Written by: Matt Klassen. Follow by: RSS, Twitter, Facebook, or YouTube.

{ 1 trackback }

Google Acquires London-Based Artificial Intelligence Startup DeepMind for $400 Million —
January 27, 2014 at 6:14 am

Comments on this entry are closed.

Previous post:

Next post: