People’s homes could come under attack as a consequence of bitcoin’s price surge, a cybersecurity expert has warned.
However, it’s not just regular computers that are at risk.
Other internet-connected devices around the home – seemingly harmless items such as smart thermostats, light bulbs and cameras – could be targeted, and victims might not even notice they’d been attacked until they saw their electricity bills inflate.
“Any device that is ‘smart’ now has the three key ingredients to provide the cyber bad guy with everything they need – internet access, power and processing,” Neil Haskins, the director of advisory services for EMEA at cyber security firm IOActive, told The Independent.
“I can introduce my crypto-mineware via a compromised mobile phone and start to exploit the processing power of your home devices to mine bitcoin.”
It’s fairly easy to work out if your computer is being used for mining, as it will slow down significantly and the battery will drain rapidly. These indicators, however, don’t apply to smart home devices.
“When could you detect this, at the end of the month when you get an electricity bill? Instead of £50 a month, it’s now £150,” says Haskins. “And how do you diagnose the issue? You complain to the power company, they show you the usage and it’s correct. Your home really is consuming that power, even if it isn’t you doing it.”
That’s an incredibly concerning prospect, and Haskins says the potential rewards for cybercriminals vastly outweigh the potential risks. And if they manage to pull off such an attack successfully, they’re likely to try it again.
“A cyber bad guy makes several assessments when deciding on an attack: the risk of detection; the reward for the effort; and the penalty for capture,” Haskins explains. “The risk of detection in these attacks is extremely low. You could be mining blocks for months without stopping, that’s tens of thousands of dollars, so the reward is huge. And what’s the penalty for someone hacking a toaster? The impact is measurable to the homeowner. This is real, and who’s to say not happening already?”
While manufacturers are responsible for ensuring their devices are secure, this isn’t always the case.
Fortunately, there are steps you can take to protect yourself and your home, and Haskins says you don’t need to avoid smart devices altogether.
“The power is in the hands of the consumer. As soon as the consumer starts to purchase products based not only on their power efficiency, but their security rating as well, then we will see a shift to a more secure home,” he says.
“In the meantime, consider the entry point for most cyber bad guys. Generally, this is your desktop, laptop or mobile device. Therefore, ensure you have suitable security products running on these devices, make sure they are patched to the correct levels, and be conscious of the websites you are visiting. If you control the available entry points, you will go a long way to protecting your home.”
Source: The Independent
Written by: Aatif Sulleyman
7th January 2018