The Swiss newspaper Aargauer Zeitung reports that hackers hacked about 3 million smart toothbrushes in order to use them to carry out a DDoS attack. At the same time, the attack turned out to be quite effective. It allowed to block the work of the Swiss company for several hours, causing losses of millions of euros.
There are not many details. It is only known that the hacked toothbrushes used Java, a popular language for Internet of Things devices. After being infected, a global network of malicious toothbrushes launched an attack. Repurposed toothbrushes sent fake traffic to the company’s website, effectively blocking services and causing mass disruptions.
This curious case highlights how the threat landscape is expanding as the Internet of Things spreads. Almost any device can now threaten security, privacy, and economic stability by being an entry point for cybercriminals.
“Every device connected to the Internet is a potential target or can be used for an attack,” said Stephan Zuger, director of system design at the Swiss office of the security company Fortinet.
As DataBank CIO Mark Haupt explained, many IoT devices are inherently insecure for two key reasons: disdain and the lack of an interface to which security measures and protections can be added. The user has no control over the safety settings of the toothbrush. And cannot install an antivirus program on the refrigerator. So if security measures were neglected by the developer at the design stage, the user remains face to face with a potentially dangerous device.
Taking into account the new realities, owners of Internet of Things devices need to follow some recommendations to try to ensure the security of their gadgets. You need to install updates for your devices if they are released by the manufacturer. Do not charge your device via a public USB port and avoid public Wi-Fi connections, as they can be used to infect malware. A firewall should be configured in the home network.
The LG washing machine sent 3.66 GB of data each day. For this, she was locked out of Wi-Fi
Source: zdnet