When Did You Last Patch Your Smart Refrigerator?

IoT – Internet of Things – devices are great. Whether it is Siri telling you the score of a sporting event or your refrigerator telling you to buy more milk, it makes life easier.

But there is a problem with them. Many of you know that I am not a real advocate of smart whatevers, but that doesn’t mean you should not use them. It means you should be smart about using them. Understand the risk.

I said there was a problem with IoT devices and here it is. IoT devices have software in them and software has bugs. Bugs could mean that your TV crashes and you have to turn it off and back on. But bugs could also mean that your firewall could quit protecting you and join the other side.

Fast forward to today.

The authors of malware that targets a variety of IoT devices released the source code to the malware on the Internet (GitHub). That means that any script kiddie can use it to infect their own set of IoT devices.

It is named BotenaGo and it comes with exploits for 30 different vulnerabilities for products from vendors like Linksys, D-Link, Netgear and ZTE. And likely, soon, more.

And since you have not patched your smart refrigerator lately (or maybe you have? Have you?), your smart device could be the next source of attack.

Why the authors decided to make it public is not clear. However, that does make it easy for other attackers to use it as the base for their own version of malware. Or many other versions.

AT&T’s Alienvault says that only 3 out of 60 anti-virus products on VirusTotal can detect BotenaGo, but consider this. With the source code out there, hackers could make a hundred variants, none of which might be detected.

AND, are you running anti-virus software on your refrigerator?

Probably the most important thing to do at this point is make sure that your IoT devices are patched – assuming your vendor even releases patches and segment those devices to the maximum degree possible. If they are not patchable, you might want to consider replacing them. New devices should always be self-patching. That way YOU don’t have to worry about patching your refrigerator.

Credit: Dark Reading

Leave a Reply

Your email address will not be published.