MacGyver-like chefs need not fear running out of pots and pans if there is a router nearby, it turns out, with Symantec demonstrating how a generic router can be heated up to 150 degrees Fahrenheit or 65.5 degrees Celsius by hijacking the device and stealing its resources, in turn dialling up its electricity usage and heat output.
Symantec performed the demonstration at the Black Hat USA 2018 convention in Las Vegas this week. After exploiting the router, it only took 10 minutes to heat it up so it was painful to touch and able to sizzle an egg right in front of the audience.
The security firm sought to visibly demonstrate the often-unseen risks of cryptojacking where in this increasingly Internet-of-things and ubiquitously connected world the "bad guys" can steal your electricity and resources without you knowing. Malicious cryptominers can slow devices, overheat batteries, even render devices unusable, in the pursuit of their own profits.
Symantec says it saw an 8,500% increase in cryptojacking attacks last year, with a low barrier to entry. The firm also found a 600% increase in IoT attacks in the same period.
While security threats are often considered as desktop virus and email spam/scam attacks, Symantec provides a sober and sombre reminder the target may not be the end user but critical infrastructure, with serious results. Consider the expense and the wear on a data centre full of machines running at 100% utilisation 24x7.
Symantec recommends consumers and companies alike invest in strong internet security software, remain vigilant about phishing emails and dubious attachments and links, monitor logs, lock down access, and ensure security patches are current.