Notwithstanding the exciting possibilities of internet connected fridges, there are some cases of fridge that have security vulnerabilities & should be harsh lesson for all Internet of Things (IoT) vendors.

Two Internet Refrigerator Products & Security Risks Case Studies

Contributed by | Jogmon

 

The classic Internet connected home of the future automatically orders milk from the local store when it’s running low in the fridge. While that maybe sometime away, here are two companies integrating your fridge to the internet showing you some possibilities & two security risk case studies from these connected devices.

 

Samsung RF28HMELBSR Internet Fridge

The Samsung 4-Door refrigerator with 8" Wi-Fi Enabled LCD will allow you to browse the web, access apps and connect to other Samsung smart devices – opening up a world of interactive communication and entertainment.

 

ChillHub by FirstBuild

 

FirstBuild is a partnership between GE Appliances and Local Motors to create a new model for the appliance industry, engaging a community of industrial designers, scientists, engineers, makers and early adopters to address some of the toughest engineering challenges and innovations. ChillHub is a refrigerator with USB capabilities and WiFi connected. This will give developers a platform to create awesome new add-on products like a butter softener compartment, food scale/weight sensor, deodorizer, auto-fill water pitcher, temperature modules, baby bottle IR, external speakers, voice control, etc.

Notwithstanding the exciting possibilities of internet connected fridges, there are some cases of fridge that have security vulnerabilities & should be harsh lesson for all Internet of Things (IoT) vendors. Here are two examples of Security Risks from Internet fridges:

 

Samsung Internet fridge Security Vulnerability

Whilst the fridge implements SSL, it FAILS to validate SSL certificates, thereby enabling man-in-the-middle attacks against most connections. This includes those made to Google's servers to download Gmail calendar information for the on-screen display. So, MITM the victim’s fridge from next door, or on the road outside and you can potentially steal their Google credentials.

 

IoT Attack Uncovered by Proofpoint

The global attack campaign involved more than 750,000 malicious email communications coming from more than 100,000 everyday consumer gadgets such as home-networking routers, connected multi-media centers, televisions and at least one refrigerator that had been compromised and used as a platform to launch attacks. The attack that Proofpoint observed and profiled occurred between December 23, 2013 and January 6, 2014, and featured waves of malicious email, typically sent in bursts of 100,000, three times per day, targeting Enterprises and individuals worldwide. More than 25 percent of the volume was sent by things that were not conventional laptops, desktop computers or mobile devices; instead, the emails were sent by everyday consumer gadgets such as compromised home-networking routers, connected multi-media centers, televisions and at least one refrigerator. No more than 10 emails were initiated from any single IP address, making the attack difficult to block based on location -- and in many cases, the devices had not been subject to a sophisticated compromise; instead, misconfiguration and the use of default passwords left the devices completely exposed on public networks, available for takeover and use.

 

About Jogmon
Jogmon covers open source, sensors, IoT & related topics.

 


Comments (0)

This post does not have any comments. Be the first to leave a comment below.


Post A Comment

You must be logged in before you can post a comment. Login now.

Featured Product

Octava -4K UHD Video Over LAN Matrix Switch. Video Wall Processor

Octava -4K UHD Video Over LAN Matrix Switch. Video Wall Processor

The Octava PRO DSX is a simple to use, powerful video distribution solution designed to deliver HD video including 4k UHD from multiple sources to multiple displays. The PRO DSX also functions as a Video Wall processor to create n x m video walls. The PRO DSX delivers HD video over standard CATx LAN cables allowing for simple integration in virtually any infrastructure. The PRO DSX was specifically designed for ease of use for residential installations and engineered for scalability to accommodate large video distribution systems such as education, corporate , and hospitality applications. Easy to configure and customize for your video system - Build virtually any size video matrix switch system. The Pro DSX is a scalable platform enabling easy system growth. Simply add PRO DSX TX for each video sources required and a PRO DSX-RX per display. Video Wall Support- The PRO DSX features a built-in video wall processor that enables you to create custom video walls.