Someone's refrigerator just took part in a malicious cyberattack

[InfoSec News <alerts () infosecnews org>]

http://qz.com/167817/someones-refrigerator-just-took-part-in-a-malicious-cyberattack/

By Christopher Mims
Quartz
January 16, 2014

Between December 23 and January 6, more than 100,000 internet-connected 
smart "things," including media players, smart televisions and at least 
one refrigerator, were part of a network of computers used to send 750,000 
spam emails. So says a study just released by enterprise security company 
Proofpoint. This is the first time anyone in the security industry has 
proved that devices that are part of the internet of things are being used 
just as PCs have been for decades -- as part of "zombie" networks of 
computers used to do everything from sending spam to mining bitcoin.

It’s long been known that smart devices are among the most insecure 
computers on the internet, but it appears that hackers are finally taking 
advantage of the fact that everything from our toasters to our lightbulbs 
will soon be internet connected -- and ripe for compromising.

"Bot-nets are already a major security concern and the emergence of 
thingbots may make the situation much worse," said Proofpoint security 
manager Dave Knight in a prepared statement.

In the same statement, security analyst Michael Osterman summed it up like 
this: "Internet-enabled devices represent an enormous threat because they 
are easy to penetrate, consumers have little incentive to make them more 
secure, the rapidly growing number of devices can send malicious content 
almost undetected, few vendors are taking steps to protect against this 
threat, and the existing security model simply won’t work to solve the 
problem."

[...]

--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/