Hacked smart toothbrushes: how a DDoS attack worth millions of euros turned out to be just a myth
Smart toothbrushes could become tools for DDoS attacks
The Aargauer Zeitung newspaper reports that hackers were able to hack about 3 million smart toothbrushes and use them as tools for massive DDoS attacks . This disrupted the Swiss company's operations for several hours and caused significant financial damage.
Smart toothbrush hacking
According to the newspaper, hackers used the popular Java programming language to infect smart toothbrushes. It appears that the compromised devices joined a global network of malicious hackers that consistently attacked the company's target website. The attackers created fictitious traffic, which led to blocking of services and serious disruptions to the company's operations.
UPDATED: As it turns out, the original Aargauer Zeitung article only described a likely attack scenario using smart toothbrushes. Fortinet, mentioned in the article, has not confirmed this particular attack and said it was misinterpreted.
Threat to the Internet of Things
“Every device connected to the Internet can be targeted or used in an attack,” noted Stefan Zuger, director of systems engineering at the Swiss office of the security company Fortinet.
This incident highlights the expanding threats associated with the rise of the Internet of Things. Now almost any device can become a source of threats to security, privacy and economic stability.
Disadvantages of IoT devices
“Many IoT devices are insecure for two main reasons: insufficient attention to security during the development phase and the lack of an interface to implement additional security measures,” explains Mark Houpt, chief information security officer at DataBank.
Users cannot control the security settings of their smart toothbrushes or install antivirus software on their refrigerators. If developers don't pay enough attention to security when designing devices, then users are left alone with poorly protected devices.
Tips for owners of smart devices
To ensure the security of their Internet of Things gadgets, owners are advised to follow some rules:
- Install updates offered by the manufacturer in a timely manner.
- Do not charge devices through public USB ports and avoid open Wi-Fi networks to minimize the risk of infection.
- Set up a firewall on your home network for added protection.
- DDoS - distributed attack on a server with the aim of disconnecting it from the network
- Java is a popular programming language used for developing web applications and Internet of Things devices.
- Fortinet is a company developing security and data protection systems.
- DataBank is a company specializing in cloud data storage and information security services.