Computer security: Spam in the fridge
“THE internet of things” is one of the buzziest bits of jargon around in consumer electronics. The idea is to put computers in all kinds of products—televisions, washing machines, thermostats, refrigerators—that have not, traditionally, been computerised, and then connect those products to the internet.
If you are in marketing, this is a great idea. Being able to browse the internet from your television, switch on your washing machine from the office or have your fridge e-mail you to say that you are running out of orange juice is a good way to sell more televisions, washing machines and fridges. If you are a computer-security researcher, though, it is a little worrying. For, as owners of desktop computers are all too aware, the internet is a two-way street. Once a device is online, people other than its owners may be able to connect to it and persuade it to do their bidding.
On January 16th a computer-security company called Proofpoint said it had seen exactly that happening. It reported the existence of a group of compromised computers which was at least partly comprised of smart devices, including home routers, burglar alarms, webcams and a refrigerator. The devices were being used to send spam and “phishing” e-mails, which contain malware that tries to steal useful information such as passwords.
The network is not particularly big, as these things go. It contains around 100,000 devices and has sent about 750,000 e-mails. But it is a proof of concept, and may be a harbinger of worse to come—for the computers in smart devices make tempting targets for writers of malware. Security is often lax, or non-existent. Many of the computers identified by Proofpoint seem to have been hacked by trying the factory-set usernames and passwords that buyers are supposed to change. (Most never bother.) The computers in smart devices are based on a small selection of cheap off-the-shelf hardware and usually run standard software. This means that compromising one is likely to compromise many others at the same time. And smart devices lack many of the protections available to desktop computers, which can run antivirus programs and which receive regular security updates from software-makers.
Ross Anderson, a computer-security researcher at Cambridge University, has been worrying about the risks of smart devices for years.
The Latest on: Compromised computers
via Google News
The Latest on: Compromised computers
- The human mind is in danger of being hacked, warns Israeli author Hararion January 22, 2020 at 6:55 am
“If you have enough data about me and enough computer power and biological knowledge, you can hack my body, my brain, my life,” he said. “You can reach a point where you know me better than I know ...
- Travelex insists no data hacked as cyber attack continueson January 21, 2020 at 1:10 am
The foreign currency broker's chief executive said Travelex is making "good progress" in getting its systems back online.
- Election-security expert says publicly exposed Georgia server looks to have been hackedon January 20, 2020 at 3:57 am
A computer security expert says he found that a forensic image of the election server central to a legal battle over the integrity of Georgia ...
- A Georgia election server was vulnerable to Shellshock and may have been hackedon January 18, 2020 at 7:41 am
Forensic evidence shows signs that a Georgia election server may have been hacked ahead of the 2016 and 2018 elections by someone who exploited Shellshock, a critical flaw that gives attackers full ...
- Colonie's computer system down after cyber attackon January 17, 2020 at 9:20 am
COLONIE — The town of Colonie’s computer system was down Friday due to a cyberattack, forcing many departments to run their operations offline, town officials said Friday, noting that systems should ...
- Georgia election systems could have been hacked before 2016 voteon January 16, 2020 at 8:07 pm
But if the server was compromised, it could have been a vehicle to distribute malware to any county ... or to post malware that could have infected the computers of election officials accessing the ...
- Why Didn’t Trump Tell Congress There Was Evidence Russia Hacked Burisma?on January 14, 2020 at 12:33 pm
In the wake of a report by a computer security firm claiming Russian hackers recently waged a “successful” phishing attack against Burisma, the gas company U.S. officials pressed Ukraine to ...
- Russians hacked Ukraine company Burisma at heart of Trump impeachment, report sayson January 14, 2020 at 8:41 am
Area 1 Security reported that members of Russian military intelligence launched a campaign to steal email credentials from workers at Burisma Holdings.
- Russians hacked Ukraine company Burisma at heart of Trump impeachment, cybersecurity firm sayson January 14, 2020 at 8:20 am
WASHINGTON – A computer security company reported Monday that Russian hackers sought access ... One target was John Podesta, the campaign manager for Democratic presidential nominee Hillary Clinton, ...
- Russians hacked company key to Ukraine scandal: researcherson January 13, 2020 at 7:27 pm
A U.S. cybersecurity company says Russian military agents have successfully hacked the Ukrainian gas company at the center of the scandal that led to President Donald Trump's impeachment. Russian ...
via Bing News