Computer security: Spam in the fridge
“THE internet of things” is one of the buzziest bits of jargon around in consumer electronics. The idea is to put computers in all kinds of products—televisions, washing machines, thermostats, refrigerators—that have not, traditionally, been computerised, and then connect those products to the internet.
If you are in marketing, this is a great idea. Being able to browse the internet from your television, switch on your washing machine from the office or have your fridge e-mail you to say that you are running out of orange juice is a good way to sell more televisions, washing machines and fridges. If you are a computer-security researcher, though, it is a little worrying. For, as owners of desktop computers are all too aware, the internet is a two-way street. Once a device is online, people other than its owners may be able to connect to it and persuade it to do their bidding.
On January 16th a computer-security company called Proofpoint said it had seen exactly that happening. It reported the existence of a group of compromised computers which was at least partly comprised of smart devices, including home routers, burglar alarms, webcams and a refrigerator. The devices were being used to send spam and “phishing” e-mails, which contain malware that tries to steal useful information such as passwords.
The network is not particularly big, as these things go. It contains around 100,000 devices and has sent about 750,000 e-mails. But it is a proof of concept, and may be a harbinger of worse to come—for the computers in smart devices make tempting targets for writers of malware. Security is often lax, or non-existent. Many of the computers identified by Proofpoint seem to have been hacked by trying the factory-set usernames and passwords that buyers are supposed to change. (Most never bother.) The computers in smart devices are based on a small selection of cheap off-the-shelf hardware and usually run standard software. This means that compromising one is likely to compromise many others at the same time. And smart devices lack many of the protections available to desktop computers, which can run antivirus programs and which receive regular security updates from software-makers.
Ross Anderson, a computer-security researcher at Cambridge University, has been worrying about the risks of smart devices for years.
The Latest on: Compromised computers
[google_news title=”” keyword=”Compromised computers” num_posts=”10″ blurb_length=”0″ show_thumb=”left”]
via Google News
The Latest on: Compromised computers
- Stalkerware company Spytech compromised, data reveals thousands of remotely controlled deviceson July 25, 2024 at 11:42 am
Spytech Software, a Minnesota-based company that produces SpyAgent and similar programs, has been breached. TechCrunch was able to access a cache of files taken from Spytech's ...
- Hacked, leaked, exposed: Why you should never use stalkerware appson July 25, 2024 at 10:40 am
Using stalkerware is creepy, unethical, potentially illegal, and puts your data and that of your loved ones in danger.
- Data breach exposes US spyware maker behind Windows, Mac, Android and Chromebook malwareon July 25, 2024 at 6:00 am
A little-known spyware maker based in Minnesota has been hacked, TechCrunch has learned, revealing thousands of devices around the world under its stealthy remote surveillance. A person with knowledge ...
- U-M cyberattack compromised Michigan Medicine patient data of 56,000 peopleon July 22, 2024 at 2:17 pm
Patient information may have been accessed when employee emails and attachments were hacked between May 23-May 29 at Michigan Medicine.
- Computer scam targets SLO County seniors, sheriff warns. One lost $120,000on July 19, 2024 at 4:02 pm
The San Luis Obispo County Sheriff’s Office has received numerous reports of a computer scam that’s targeting seniors throughout the county, including one report of an individual who lost over ...
- The MTA’s Old Computer Technology Kept Going During the Global Tech Outageon July 19, 2024 at 2:25 pm
Most of the Cuomo-era countdown clocks on the lettered subway lines failed; the old ones on the numbered lines did not.
- CrowdStrike Founder/CEO Visibly Uncomfortable When Asked How One "Software Bug" Could Cripple Computers Across The Worldon July 19, 2024 at 1:45 pm
George Kurtz, the founder and CEO of cybersecurity firm CrowdStrike, explains on NBC's "Today Show" how their company took down millions of computers --including air travel, banks, and more -- around ...
- Get a suspicious pop-up on your computer? Sheriff's officials warn it could be a scamon July 19, 2024 at 9:33 am
According to the sheriff's office, victims have reported getting a pop-up on their computers that says the computer has been compromised and to immediately call a phone number to prevent any loss.
- Computer pop-up warning issued as security breaches riseon July 19, 2024 at 4:25 am
Computer pop-ups warning about a security breach are on the rise. Well, guess what? The pop-ups themselves are the actual, real danger. “There was a profile—a darkened profile—of a person in the ...
- Indiana school refutes dark web claims it was hacked by Russia-linked cybercrime syndicateon July 16, 2024 at 7:45 am
"We are confident that the claims by the third-party bad actor are false,” the Richland Bean-Blossom Community School Corp. said.
via Bing News