A distributed denial of service ( DDoS ) attack was launched by a fictitious smart toothbrush botnet in the last 24 hours, as follows:
There were also a lot more.
A report published in the Swiss newspaper Aargauer Zeitung last week served as the basis for the reports.
The article begins dramatically in German. The following is a computer-generated translation of its first few sentences:
Although she is in the bathroom at home, she was involved in a significant cyberattack. Criminals have unknowingly installed malware on the electric toothbrush, which is programmed with Java, just like they do on 3 million other toothbrushes. The remote-controlled toothbrushes can access a Swiss company’s website at the same time with just one command. Four hours pass before the site collapses and becomes paralyzed. Damage totaling millions of dollars.
This incident actually occurred, despite appearing to be a Hollywood scenario. It demonstrates the evolution of digital attacks ‘ adaptability. It demonstrates the evolution of digital attacks ‘ adaptability. According to Stefan Züger,” Every Internet-connected device has the potential to be a target or could be used for an attack.” He is in charge of the system technology division of Fortinet, a cybersecurity expert based in Dietlikon, Zurich. Do not worry about the baby monitor, web camera, or electric toothbrush.
The report from Aargauer Zeitung has a problem. Actually, it did n’t take place.
It’s a fictional tale. A Swiss company was not the target of a DDoS attack by three million smart toothbrushes.
Fortinet’s PR team would have been disseminating the news left, right, and center if they had actually launched the attack. However, there is silence on Fortinet’s press release archives and social media accounts.
Fortinet declined to respond to the security researchers or cybersecurity news organizations that bothered to inquire about the situation.
Despite everything, the phrase” Beware, your electric toothbrush may have been hacked” continues to be used in numerous newspapers and websites all over the world.
Because it makes such a good story, that is.
Of course, it’s a false story. Nevertheless, a fantastic tale.
Yes, the risks associated with unsecured IoT devices should be made known to the general public. However, journalists and cybersecurity vendors must refrain from making up stories. Otherwise, fake news wo n’t be believed by anyone.
News, suggestions, and security advice.
The story could have been changed by Fortinet to make it clear that it was n’t true and was merely an illustration of a potential scenario. It decided to keep its erroneous mouth shut in its place.
Perhaps the media attention and exposure were enjoyable for it.
Their share price does n’t appear to be harmed by it.
This article piqued your interest? To read more of the exclusive content we post, follow Graham Cluley on Twitter, Mastodon, or Threads.