Any IoT Device Can Get Hacked — Even Dishwashers

IoT Needs Both Innovation And Standardization

Cyberattacks know no bounds.

With the increasing amount of connected devices, it seems that the ways in which things in the Internet of Things (IoT) can be breached also rises. From smartphones to home lighting systems and locks, there are a myriad of items that are becoming more and more connected each day.

Gartner predicts there will be nearly 21 billion connected devices by the year 2020 — just two and a half years away.

One of the latest devices to become connected and consequentially hacked is likely an unexpected appliance — the dishwasher.

Within the past week, Jens Regel, a German researcher who specializes in security, uncovered a risk in the industrial Miele Professional PG 8528 connected dishwasher. Used in facilities like restaurants and hospitals, the bug found in this dishwasher is just the tipping point for hackers. Through this vulnerability, hackers can install malware on the dishwasher and use it to bounce off onto other connected devices.

Given that this dishwasher is specifically an industrial brand used in restaurants and hospitals, the consequences for a successful hack could be quite dangerous. Regel highlighted this in his study: “The corresponding embedded webserver ‘PST10 WebServer’ typically listens to port 80 and is prone to a directory traversal attack, therefore an unauthenticated attacker may be able to exploit this issue to access sensitive information to aide in subsequent attacks.”

Currently, there is no known fix for this dishwasher technical bug — which raises the question about whether or not every device should be connected just because the ability to do so exists. What’s the solution to keeping all IoT-enabled items safe and secure?

Constant vigilance, along with regular compliance and risks assessments, are likely the route most companies will have to follow in order to ensure true cybersecurity.