You don't have to harden your internet connected refrigerator against malicious attacks. Why? Because when you ask "what could possibly go wrong?" the answer is your food will spoil, and you will have to throw it out. It's not like spoiled food is not instantly recognizable.
See, anything which would allow a remote attacker to destroy your property and cause you to spend money is an indication than in internet enabled fridge is either a really stupid idea, or that it needs to be hardened.
So, other than some moronic social experiment of "information wants to be free so if you see what's in my fridge what's the harm"
If some asshole hacking my fridge and spoiling my food (or, possibly my medication) is the price of having an internet connected fridge
You sound like you're willing to give manufacturers of fridges some kind of free pass to be incompetent/indifferent to security. I'm saying any manufacturer which is either of those two things doesn't deserve to get my money.
The same goes for my thermostat. And my lights. And my stove. And my freezer. If you're not taking security seriously, I'm not taking your fscking product seriously.
So, if the internet of things is predicated on terrible security, or being indifferent to it altogether
If I have to firewall my fridge to make it useful, I won't connect it to the internet at all. If it pokes holes in my security and provides an access point to attack other things
To me there is no scenario in which I'm willing to accept companies being too damned lazy to care about security. Because that pretty much makes the devices not trustworthy from the start.