Today during a Twitter discussion about RaaS (ransomware as a service), John Obeto mentioned that two of the the refrigerators in house had been trying to communicate with the world. He couldn’t quiet his chatty fridges down unless he upgraded the firmware on those devices, which would probably mean connecting those fridges to his home network.
It’s been demonstrated that IoT devices can be targeted by ransomware. They proved it at defcon this year, by hacking an IoT thermostat. Can you imagine having to pay someone to give you control back of the thermostat in your house? Can you imagine someone gaining control and turning the heat on high in the middle of a Texas summer?
And let’s not forget the internet meltdown a few weeks ago, caused by a botnet made of IoT devices.
How are we in this situation? Why aren’t manufacturers doing more to secure their devices? It’s expensive, and it will put friction in the user adoption process. Why aren’t we more careful about the devices we bring into our homes? Well, who expects a refrigerator to come equipped with a wi-fi hot spot?
Does this mean we need to monitor our home networks like we do our work networks? Where is our generation’s Ralph Nader, to hold these manufacturers responsible for the havoc their devices are wreaking?