Reports are coming in from Aargauer Zeitung that some three million ( !! ) smart toothbrushes were hacked to execute a Distributed Denial of Service (DDoS) attack against a Swiss company. That’s right, your toothbrush might have been compromised and used to assault a company by bombarding it with fake traffic, effectively taking it offline.
Now, details on this report are lacking – things like which toothbrush types, what the attack was, and more. What we do know is that the toothbrushes in question were running a version of Java ( a common language for IoT devices ).
However, this does bring up an increasingly more important question with all of the smart devices in our lives. Who is maintaining these devices? Who is updating them and making sure they are secure? Too often, smart devices are setup once and never updated or maintained past that. And once they are setup, are you checking to make sure they are secure? Or is your toothbrush as exposed as this person’s neighbor’s? Even worse, sometimes the device manufacture just stops providing updates for the device completely, leaving it vulnerable to new attacks.
This is one of the big reasons why we’re such fans of having a local smart home, where your devices keep their traffic on your property, and you control who has access to your data.
Just don’t forget to leave your toothbrush unsecured.
