ProofPoint Uncovers Successful Malicious eMail Activity and Finds Security Holes in the Internet of Things
On January 16, 2014 ProofPoint published a press release, titled ProofPoint Uncovers Internet of Things (IoT) Cyberattack. According to the company, some 750K “Phishing and SPAM emails” were uncovered through ProofPoint’s efforts. The sources of these attacks were traced back to a set of home entertainment centers, televisions and “at least one refrigerator”.
This information should help people interested in the notion of IoT to better understand the range of devices included in the scope of the first significant hack attempt on this type of data communications.. Conspicuously absent from the list of compromised devices included in the release are smart thermostats, electric meters, HVAC systems or even home security systems. But it is increasingly likely the attackers will soon begin to penetrate HVAC systems, etc. Certainly the risk of successful attempts to compromise an HVAC system is a magnitude greater, even than the risk of a rogue smart refrigerator sending spam emails.
The ProofPoint release also helps us better understand why hackers are targeting IoT devices. The malicious exploits amounted to efforts to turn smart appliances into broadcast resources for junk email, and phishing attempts. The objective is clearly nefarious as ProofPoint’s release points out: “Cyber criminals intent on stealing individual identities and infiltrating enterprise IT systems have found a target-rich environment in these poorly protected internet connected devices that may be more attractive and easier to infect and control than PC, laptops, or tablets.” (quoted from ProofPoint’s Press Release. I’ve provided a link to the complete press release earlier in this post).
Consumers of these smart appliance and home convenience devices may want to read ProofPoint’s release before connecting one of them to the Internet. Investors keen on the IoT trend may also want to read the release, if for no other reason than to get a sense of the magnitude of a negative black swan event, and its potential destructive damage on businesses marketing IoT solutions.
© IMB Enterprises, Inc. & Ira Michael Blonder, 2013 All Rights Reserved