Appliance-based malware

Case study

Many people are susceptible to cyber attacks nowadays and it doesn’t only happen through computer networks. The built-in electronics inside home appliances are a possible entry for malware!

The first incident of such an attack was one in 2013 of the smart refrigerator when a refrigerator-based botnet* was used to attack businesses. *a botnet is a robot network of computers that were infected by malware and are controlled by the attackers. Each individual computer that is under their control is called a bot.

appliance

How does it work?


Often, these kinds of attacks that infect appliances with botnet malware, do not impact the person owning those appliances, but bigger businesses. Thus, the homeowner stays secure and safe and might not even notice anything wrong.

The danger lies in the ability to attack the web through the hacked appliances.

A dangerous example could be a botnet of big home appliances compromised with malware that are power consuming, because if they turn on simultaneously all of a sudden, they could create an immense power draw that could severely damage the power grid of whole cities.

Without displaying any signs, a criminally controlled appliance can generate and send out an immense amount of attacks every minute. Not only will the owners of these appliances not realize that the attack is happening but the latter may be unstoppable until unless the machine itself is disconnected from its web connection.

In addition, the infected appliance can easily spread malware to other “smart” devices and even to the computer networks and connected smartphones. \Every target could be transformed into malicious bot that distribute thousands of infected spam messages and perform cyber-attacks.

How to protect ourselves from appliance-based malware?

Only device manufacturers can protect us from these attacks.

So how do manufacturers fight this type of attack? How can they ensure that home appliances do not get infected with malware and cause disorder?

Security is implemented in the design process for the appliance itself, its various electronic components and control surfaces. Most home appliance manufacturers obtain their control units from a wide network of smaller manufacturers, sometimes with a global supply chain. These vendors must ensure that the chips and the components they use are tamper-proof. security practices that should be used by appliance makers:

  • Embedded Firewall with blacklist and whitelist support – Protect devices and peripherals from attacks by embedding firewall technology directly into the device. The built-in firewall can view incoming messages from the Internet or home network and, using the built-in and regularly updated blacklist, reject any that have not been previously approved.
  • Secure Remote Updates and Alerts –Make sure the firmware inside the device is authenticated and unmodified before allowing any new firmware updates to be installed. Updates ensure that incoming software components have not been modified and are validated software downloads from the device manufacturer.
  • Read more on cyber security here!

    • Conclusion



    Most consumer product and device manufacturers are well-informed about the potential for attacks on smart devices such as door locks, baby monitors, and home thermostats, but this risk awareness must extend to types of connected systems, including home appliances. These systems have been attacked and used to distribute malware. Keeping these devices secure is essential to protect your home network, slow the spread of malware, and even protect credit card numbers or other personal data stored on smart home devices.

    Appliance Based Malware

    Arina Shteyn

    		 next article