Cyber criminals hack Internet of Things and smart devices, research shows

Proofpoint security researchers claim internet-enabled household appliances are already being programmed to send out spam emails by hackers.

Researchers have uncovered evidence that hackers have launched cyber attacks on household smart devices.

IT security firm Proofpoint said smart devices, such as internet-enabled fridges and smart TVs, have been used to send out 750,000 spam emails between 23 December and 6 January.

The firm said as the number of connected devices increases, the proof of an "Internet of Things"-based attack taking place "has significant security implications for device owners and Enterprise targets."

Proofpoint said criminal gangs have begun to hijack home routers, smart appliances and other components of the Internet of Things and transform them into "thingbots" to carry out similar malicious activity to botnets.

It said these devices give criminals a "target-rich environment" and poorly protected internet-connected devices may be more attractive and easier to infect than traditional PCs, laptops, and tablets.

"Botnets are already a major security concern, and the emergence of thingbots may make the situation much worse," said Proofpoint security manager Dave Knight.

"Many of these devices are poorly protected at best and consumers have virtually no way to detect or fix infections when they do occur. Enterprises may find distributed attacks increasing as more and more of these devices come online and attackers find additional ways to exploit them," he said.

Michael Osterman, principal analyst at Osterman Research, said this attack heralded a new chapter in cyber security.

"The Internet of Things holds great promise for enabling control of all the gadgets that we use on a daily basis," he said.

"It also holds great promise for cyber criminals who can use our homes' routers, televisions, refrigerators and other internet-connected devices to launch large and distributed attacks."

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

Global ransom DDoS extortionists are retargeting companies
distributed denial of service (DDOS)

Global ransom DDoS extortionists are retargeting companies

22 Jan 2021
BEC scammers are using Google Forms to identify easy victims
phishing

BEC scammers are using Google Forms to identify easy victims

21 Jan 2021
FBI warns of ongoing corporate vishing attacks
phishing

FBI warns of ongoing corporate vishing attacks

19 Jan 2021
Hackers using COVID vaccine as a lure to spread malware
hacking

Hackers using COVID vaccine as a lure to spread malware

15 Jan 2021

Most Popular

How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

21 Jan 2021
What is the Raspberry Pi Pico?
Hardware

What is the Raspberry Pi Pico?

21 Jan 2021
WhatsApp could face €50 million GDPR fine
General Data Protection Regulation (GDPR)

WhatsApp could face €50 million GDPR fine

25 Jan 2021