Without any apparent symptoms or notice, a criminally enhanced refrigerator could be generating and sending out thousands of attacks every minute. In addition to the homeowner or business manager never realizing what is going on, these attacks may be unstoppable unless the machine itself is disconnected from its web connection.
Additionally, the infected refrigerator could spread malware from the kitchen to the home’s “smart” TVs, to the home’s computer networks, to other smart devices in the home, and even to connected smart phones. Every target could be transformed into malicious bots that distribute millions of infected spam messages and cyber-attacks.
So how do we combat this threat?
Unfortunately, end users really have no power to fix this problem. There is probably no way for a homeowner, office manager – or even an experienced refrigerator repair person – to talk to a refrigerator’s electronics. No way to get into the appliance’s software and middleware to identify and kill an infection. However, if the homeowner suspects an infection, they could disconnect the refrigerator from the its internet connection to make it “dumb” again.
It is up to device manufacturers to protect against these attacks. So how do manufacturers combat this type of attack? How can they ensure that appliances in homes and offices do not get infected to cause mayhem?
Security starts in the design process for the refrigerator itself, as well as for the appliances’ various electronic components and control surfaces. Most appliance manufacturers get their control sub-assemblies from a wide network of smaller manufacturers, sometimes with a worldwide supply chain. These suppliers need to make sure that the chips and sub-assemblies they use are secure from hacks.