Hey, remember this guy at the RSA Conference last year?
Even if you close all of these ports and lock-down your perimeter, you can still be subject to a man-in-the-middle attack on those devices that aren't using SSL and validating the cert chain. A successful cyber-attack on home devices can turn your refrigerator and other devices into “thingbots” that respond to attack commands.
The first big smart appliance botnet attack was recently uncovered by a California based security firm.
Security firm Proofpoint has uncovered a cyberattack that involved the hacking of “smart” home appliances connected to the Internet. Hackers broke into more than 100,000 gadgets — including TVs, multimedia centers, routers, and at least one fridge – and used the appliances to send out more than 750,000 malicious emails between December 23 and January 6.
People love consumer electronics and the Internet of Things, and there's no reason for us to shy away from smart appliances. We just need to make sure our appliances are secure. Some tips:
- Change your default passwords
- Take control / responsibility of your appliance configuration and patches
- Turn off unneeded functions / services
- Segment your network: your media center does not need to talk to your refrigerator
- Audit your devices, or at least investigate abnormal operations such as a device that is running hot
Barracuda provides award-winning security and storage solutions. Check out our full line of products here.