In a shocking development, over three million smart toothbrushes infected with malware were used to carry out a sizable Distributed Denial of Service (DDoS) attack. This event underscores the growing vulnerabilities associated with internet-connected devices, particularly those that may be overlooked in terms of security, such as smaller, everyday household items.
These smart devices, ranging from body scales and washing machines to toothbrushes, often do not receive regular security updates like computers and smartphones do. This troubling reality came to the fore when a Swiss company’s website became the target of a DDoS attack, as reported by a Swiss German-language newspaper. The attack, executed by the malware-infected toothbrushes, caused the company’s servers to collapse, rendering the website out of service for four hours. This incident resulted in millions of euros in damages.
Fortinet, a cybersecurity firm, emphasized the threat that any internet-connected device poses. They can be exploited for malicious activities if they are not properly secured. Vulnerable devices include not only significant items like smart cameras but also those seemingly innocuous gadgets we use daily.
For consumers, adopting a proactive stance on security is crucial. Where available, enabling automatic updates for all internet-connected home devices is a step in the right direction. This ensures that devices are regularly updated with the latest security patches. However, this strategy is only effective if the device manufacturers provide the necessary updates.
Where updates are not an option, the recommendation is to either disconnect devices from the internet or monitor them closely, particularly their upload and download activities. Large data transfers or usage patterns outside the norm can often signal that a device has been compromised. An example of such unusual activity was found in a smart washing machine, which was transferring around 3.6 GB of data daily.
The recent events highlight the importance of being vigilant with internet-connected devices. Ensuring devices are up to date or safeguarded against unauthorized access is essential to prevent them from becoming part of a cyberattack. Sharing the details of this incident can help raise awareness about the potential risks of smart gadgets and the importance of cybersecurity in the Internet of Things (IoT) era.
