2 min Security

Thousands of industrial refrigerators to defrost remotely

Thousands of industrial refrigerators to defrost remotely

Security researchers have found thousands of internet-connected refrigerators that can easily be remotely instructed to defrost. It concerns more than 7,000 systems made by the British Resource Data Management, says TechCrunch.

The systems are accessible via the internet and can be controlled by simply entering the standard password from the documentation on the company’s website. That says Noam Rotem, one of the security researchers who discovered the vulnerable systems.

Many of the vulnerable systems are in industrial refrigerators in restaurants, hospitals and supermarkets in Great Britain, Ireland, Sweden, Germany and China. By defrosting the refrigerators, water damage, financial damage and damage to the inventory can occur.

“The systems can be accessed from any browser,” says Rotem. “To defrost a machine, all it takes is a push of a button and the entry of the default password and username. These are universal for almost all of the company’s devices. It is also possible to adjust user settings, alarms and other functions on the vulnerable machines.

Response Resource Data Management

“We make it clear in our documentation that the default password must be changed when the system is installed,” said Resource Data Management in a response to TechCrunch. However, this change is not mandatory and according to Rotem, many owners of the devices do not make that effort.

The company further states that its customers are going to email to “remind them of the importance of changing the default usernames and passwords”. In addition, the warning should be sent out to them in particular, according to a spokesman. “We will inform owners that we have new software available with new features, but in the end it’s up to them to ask for an upgrade.”

This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.