Computers, tablets and Smartphones are not the only devices vulnerable to hackers.
More than 100,000 Smart devices, such as home-networking routers, connected multi-media centers, televisions and at least one refrigerator, have been used in a global attack campaign to launch more than 750,000 malicious e-mail communications.
Hackers sent bursts of 100,000 malicious e-mails three times daily between Dec. 23 and Jan. 6 to businesses and individuals across the globe — the first proven Internet of Things cyber-attack, Proofpoint has discovered.
“Bot-nets are already a major security concern and the emergence of thingbots may make the situation much worse,” said Proofpoint Information Security division general manager David Knight”. Many of these devices are poorly protected at best and consumers have virtually no way to detect or fix infections when they do occur. Enterprises may find distributed attacks increasing as more and more of these devices come online and attackers find additional ways to exploit them”.
Only 10 e-mails at the most were initiated from any single IP address, which makes the attack more difficult to block based on location, Proofpoint said in a press release.
“In many cases, the devices had not been subject to a sophisticated compromise; instead, misconfiguration and the use of default passwords left the devices completely exposed on public networks, available for takeover and use,”” the company press release said.
“As the number of such connected devices is expected to grow to more than four times the number of connected computers in the next few years according to media reports, proof of an IoT-based attack has significant security implications for device owners and Enterprise targets.”