Computer security: Spam in the fridge
“THE internet of things” is one of the buzziest bits of jargon around in consumer electronics. The idea is to put computers in all kinds of products—televisions, washing machines, thermostats, refrigerators—that have not, traditionally, been computerised, and then connect those products to the internet.
If you are in marketing, this is a great idea. Being able to browse the internet from your television, switch on your washing machine from the office or have your fridge e-mail you to say that you are running out of orange juice is a good way to sell more televisions, washing machines and fridges. If you are a computer-security researcher, though, it is a little worrying. For, as owners of desktop computers are all too aware, the internet is a two-way street. Once a device is online, people other than its owners may be able to connect to it and persuade it to do their bidding.
On January 16th a computer-security company called Proofpoint said it had seen exactly that happening. It reported the existence of a group of compromised computers which was at least partly comprised of smart devices, including home routers, burglar alarms, webcams and a refrigerator. The devices were being used to send spam and “phishing” e-mails, which contain malware that tries to steal useful information such as passwords.
The network is not particularly big, as these things go. It contains around 100,000 devices and has sent about 750,000 e-mails. But it is a proof of concept, and may be a harbinger of worse to come—for the computers in smart devices make tempting targets for writers of malware. Security is often lax, or non-existent. Many of the computers identified by Proofpoint seem to have been hacked by trying the factory-set usernames and passwords that buyers are supposed to change. (Most never bother.) The computers in smart devices are based on a small selection of cheap off-the-shelf hardware and usually run standard software. This means that compromising one is likely to compromise many others at the same time. And smart devices lack many of the protections available to desktop computers, which can run antivirus programs and which receive regular security updates from software-makers.
Ross Anderson, a computer-security researcher at Cambridge University, has been worrying about the risks of smart devices for years.
The Latest on: Compromised computers
via Google News
The Latest on: Compromised computers
- Dallas ISD Zoom Meeting Hacked, How to Keep Meetings Safeon May 13, 2020 at 4:16 am
According to the district, a Dallas ISD Zoom meeting with parents and seniors was hacked and graphic images were briefly displayed in the meeting.
- Basking Ridge's Network Possibly Hacked, Investigation Launchedon May 12, 2020 at 11:35 am
Bernards Township is working with third-party computer forensics specialists to determine the full nature and scope of this incident.
- How to Check if Your Thunderbolt Ports Can Be Hackedon May 11, 2020 at 3:31 pm
If you have a computer with Thunderbolt ports, you may be at risk of a serious firmware flaw known as “Thunderspy.” The vulnerability, which was discovered by security researcher Björn Ruytenberg, ...
- Dallas ISD Zoom call hacked with child porn imageson May 9, 2020 at 2:06 am
A zoom call to discuss school graduations ended abruptly after images of child porn came up. A source says nearly 60 students, parents and educators were on the call ...
- Hacked VPN likely started Mitsubishi Electric attackson May 8, 2020 at 1:09 am
A virtual private network (VPN) router in China was apparently the starting point for a series of cyberattacks against Mitsubishi Electric Corp. that leaked defense secrets and private information, ...
- 31% of remote workers have had passwords compromisedon May 7, 2020 at 5:14 am
Almost one third of all Irish workers have had an online account compromised since they began working from home.
- Microsoft's GitHub account hacked, private repositories stolenon May 6, 2020 at 5:04 pm
A hacker has claimed to have hacked into Microsoft's GitHub account and downloaded over 500GB of 'Private' repositories, BleepingComputer has learned.
- Cyber Security Today – World Password Day advice, GoDaddy hosting accounts hacked and WordPress sites under attackon May 6, 2020 at 4:19 am
World Password Day advice, GoDaddy hosting accounts hacked and WordPress sites under attack. Welcome to Cyber Security Today. It's Wednesday May 6th.
- Hashtag Trending – WeWork’s ex-chief sues SoftBank; Children’s computer game gets hacked; IBM Thinkon May 6, 2020 at 2:09 am
WeWork's ex-chief sues SoftBank, a popular children’s computer game gets hacked, and IBM’s Think conference goes virtual this week. WeWork cofounder and ...
- Tesla has been getting rid of computers without wiping them — compromising customer accountson May 4, 2020 at 7:16 am
Tesla has been throwing away computers without wiping them, leaving some customer accounts compromised. Be aware if Tesla ever had to replace your onboard computer. With Tesla Autopilot computer ...
via Bing News