How my fridge broke the Internet
I recently bought a Smart refrigerator, and recognise there are positives and negatives.
Positives include making great ice and letting me know, while I’m at the store, that the yogurt or milk I’d bought two weeks ago has expired. It can call the service centre when something is failing. It can even tell me the current weather or stream music. Unfortunately, negatives include that it can wage cyber warfare from my kitchen!
Before you run to the kitchen to unplug your Smart fridge, it’s worth noting that this issue applies to many Smart devices and here’s why.
A common thread
If I were to remove the “brains” of my Smart fridge – that is, the silicon chip and operating system that runs on the chip – I’d find that it’s the same as, or nearly identical to, the chip–operating system combo that’s in my Smart TV, toaster, thermostat, and door lock.
Actually, these chips and operating systems are in millions of connected devices, from industrial equipment in oil fields and power grids to vital healthcare equipment, such as drug infusion pumps, defibrillators, and, yes, the refrigerators in hospitals that ensure blood supplies and medicines stay at a safe temperature.
How can that be?
Once upon a time, the chips and operating systems used in different types of devices were purpose-built for that specific device and that particular industry. An oil and gas field monitor would carry its own, custom-made chip and operating system. Same goes for the power or healthcare industry.
This might not have been particularly efficient, and it certainly wasn’t cheap, but what it did mean was that if a bad actor wanted to hack a particular piece of oil and gas equipment, he or she had to target that unique chip and operating system. If they wanted to target another piece of equipment, they’d have to start the process all over again.
Effectively, the “brains” of the oil field equipment was as different from the “brains” of a defibrillator as an oil and gas field monitor is different from a defibrillator.
Race to the bottom
Today, however, in the race to lower prices and bring connected and Smart products to market quickly, manufacturers are using cheap mass-produced chips and operating systems to give their devices “brains”. As a result, they are less concerned with the security implications of this “race to the bottom”.
That’s why my fridge seems so Smart about streaming music. It’s the same chip and operating system that I’d find if I opened up my streaming audio speaker. Same goes for the oil and gas field equipment or the infusion pump in the hospital. Add a speaker and they could both play music just fine.
One bullseye, millions of targets
On a more serious note, however, what this means is that a malicious actor has to hit only one bullseye in order to compromise millions of devices.
Even if it’s incredibly difficult – and both resource- and time-intensive – to compromise the chip or the operating system, the incentive to do so today is enormous: the threat actor will gain access to millions upon millions of Internet of Things and other Smart and connected devices, creating enormous botnets to serve as their digital army.
When a hacker’s computer is building a botnet army for a distributed denial of service (DDoS) attack – such as the one executed against Dyn on October 21, 2016 – it doesn’t see a fridge, a toaster or an oilfield monitor; it just sees a vulnerable computer running a commoditised chip and operating system.
Houses with the same key
To put this another way, consider an apartment building with ten apartments and ten different physical front door keys and locks. If you want to rob all ten apartments, you need to steal the keys or break the locks on ten different doors.
Imagine, however, if they all used the same key to open their front doors. Even if every apartment owner protected their keys with a team of armed guards, the potential opportunity of being able to access not just one apartment, but all ten through a single key, would make the incentive to overcome the guards enormous.
Exploits for these chips and operating systems don’t have to be easy; the devices they run on just have to be ubiquitous enough to be worth the trouble.
Everything is vulnerable now
So this is how we end up in an environment where millions of IoT devices could be compromised and used in the successful DDoS attack against Dyn, which took many well-known US and global websites offline for hours at a time.
The thing is, millions more devices with these same vulnerable, commoditised chips and operating systems sit on store shelves across the globe and they continue to be made in factories from China to Chile.
Even with the announcement of global recalls from certain device manufacturers, the immediate solution doesn’t lie with throwing away these devices; it lies in a very different approach, both from industry and consumers.
This is where we as consumers – whether individuals, SMEs, enterprises or nation states – can directly influence the security of these devices by changing the incentives for their manufacturers. As the target consumers for a vast majority of these devices, we can vote with our wallets.
We can begin to choose – demand even – that manufacturers stop using commoditised and insecure chips and operating systems. We can favour those that certify that their devices have higher security.
This may make devices more expensive. But just as we pay a little bit more for our cars so that they contain equipment to clean the exhaust and thus deliver healthier air and a cleaner environment for everybody, so too does thinking about and researching our choices – and in some cases paying a bit more for our Smart devices – deliver a safer Internet for us all.
I’d certainly be willing to pay a few more dirhams for my fridge if that gave me more confidence that the only thing it could freeze was my ice.