A recent article from the Aargauer Zeitung, cited by Golem.de, reports that approximately three million smart toothbrushes have been compromised by hackers, transforming them into a botnet. This network of hijacked dental devices was then utilized to launch a Distributed Denial of Service (DDoS) attack against a Swiss company's website, causing it to crash and resulting in a significant financial loss estimated in millions of Euros.
The vulnerability of the toothbrushes is attributed to their Java-based operating system, though the report does not specify any brands. These smart toothbrushes, designed for monitoring and enhancing oral hygiene, were instead manipulated into serving the botnet due to malware.
Swiss cybersecurity expert Stefan Züger, representing Fortinet, offered advice in the report on safeguarding smart toothbrushes and other internet-connected devices like routers, cameras, and household appliances. Züger emphasized the constant risk these devices face from cyberattacks, highlighting the ongoing battle between manufacturers and hackers to exploit or protect vulnerabilities. An experiment by Fortinet involving an unprotected computer connected to the internet showed it was infected with malware within just 20 minutes.
While detailed information on the Swiss company targeted by the costly DDoS attack remains undisclosed, such incidents often involve cybercriminals demanding ransom before executing attacks. This particular event underscores the importance of diligent device maintenance, including regular updates, network monitoring, the use of security software, and adherence to network security protocols.