Barracuda

Security, Access and Reliability for Cloud-Connected Networks and Applications

Header Right

Main navigation

You are here: Home / Network and Application Security / The Internet of Things is spamming you now

The Internet of Things is spamming you now

by

Share
Tweet

Hey, remember this guy at the RSA Conference last year?

Mobile and the Connected World – Kevin Mahaffey – Click here to watch video
 I blogged about this presentation here. I loved his presentation; he took us through all of the open ports in the connected world. Does your coffee machine run an SSH daemon? (Kevin's does) Who is responsible for patch management on your thermostat? Is your microwave pulling code from the Internet?

Even if you close all of these ports and lock-down your perimeter, you can still be subject to a man-in-the-middle attack on those devices that aren't using SSL and validating the cert chain. A successful cyber-attack on home devices can turn your refrigerator and other devices into “thingbots” that respond to attack commands.

The first big smart appliance botnet attack was recently uncovered by a California based security firm.

Security firm Proofpoint has uncovered a cyberattack that involved the hacking of “smart” home appliances connected to the Internet. Hackers broke into more than 100,000 gadgets — including TVs, multimedia centers, routers, and at least one fridge – and used the appliances to send out more than 750,000 malicious emails between December 23 and January 6.

People love consumer electronics and the Internet of Things, and there's no reason for us to shy away from smart appliances. We just need to make sure our appliances are secure. Some tips:

  • Change your default passwords
  • Take control / responsibility of your appliance configuration and patches
  • Turn off unneeded functions / services
  • Segment your network: your media center does not need to talk to your refrigerator
  • Audit your devices, or at least investigate abnormal operations such as a device that is running hot

What do you think? Did you watch Kevin's presentation? Anything to add? Connect with us on Facebook,LinkedInTwitter or Google +. Check out our videos on YouTube.

Barracuda provides award-winning security and storage solutions. Check out our full line of products here.

 

Christine Barry

Christine Barry is Senior Chief Blogger and Social Media Manager at Barracuda.  In this role, she helps bring Barracuda stories to life and facilitate communication between the public and Barracuda internal teams.  Prior to joining Barracuda, Christine was a field engineer and project manager for K12 and SMB clients for over 15 years.  She holds several technology credentials, a Bachelor of Arts, and a Master of Business Administration.  She is a graduate of the University of Michigan.

Connect with Christine on Twitter or LinkedIn.

.
.