Though IoT devices continue to assist with smart connectivity and communication, there are high potential risks involved. For instance, a new investigation from the consumer advocacy organization Which? revealed that smart homes could suffer over 12,000 IoT attacks in a week. Common home appliances like air-conditioning units, TVs, refrigerators, washing machines, lights, doorbells and even ceiling fans are increasingly being IoT enabled.
Fake Smart Home Setup
In order to find the frequency of IoT attacks, Which? created a fake smart home setup with real IoT devices like smart TV, webcams, routers, thermostat, printers, doorbells, and smart lights, etc., The company conducted the test in May 2021 in collaboration with cybersecurity firm NCC Group and IoT malware specialists the Global Cyber Alliance (GCA).
What the Investigation Found
- Over 1,017 hacking attempts detected were from across the world, in the first week of the test.
- Nearly 66% of the intrusions are malicious.
- More than 12,807 unique scans/attacks were observed against IoT devices in a week in June.
- Over 2,435 specific attacks to authorized intrusions were observed, accounting to 14 attacks per hour.
- While attackers often hide their locations during attacks, most hacking attempts originated from the U.S., Russia, India, China, and the Netherlands.
Weak Passwords – The Main Culprit!
Most IoT devices have default or weak passwords that can easily be guessed. And their owners never bother to change the passwords from factory defaults. The investigation found over 2,684 hacking attempts that are intended to guess weak and default passwords. As soon as the device connects to the Internet, it’ll be under hackers’ radar. Cybercriminals often focus on vulnerable IoT devices to find credentials, deploy ransomware, or data theft. It is estimated that 97% of all IoT attacks are performed to add them into Mirai, a botnet that searches for insecure connected devices. Mirai botnet leverages brute-force attacks to guess passwords and install Trojan on the targeted devices.
How to secure your IoT devices
Basic security measures can boost your smart home security. These include:
- Use strong passwords
- Enable all the security features offered by the particular IoT device
- Update the IoT devices regularly
- Most importantly, update your Wi-Fi router and password regularly, as it’s the gateway for all your smart devices
The IoT Risk is Inevitable!
In an interview with CISO MAG, Chukwudum Chukwudebelu, Chief Strategic Officer and Co-Founder at Simius Technologies Inc., discussed the major cybersecurity concerns associated with IoT devices. “The IoT technology will always improve but it will never be 100% secure. As long as it is connected to the internet, there is always a risk. The best chance at cybersecurity is to reduce that risk. Since the internet was not built to be secure, rather, it was designed to be shared. Industries are increasing the use of IoTs, and consumers are doing the same,” Chukwudebelu said.
To read the full interview, subscribe to and download CISO MAG’s July 2021 issue, which includes interviews with a diverse and rich mix of topics and conversations that include 5G security, encryption and cryptography, incident response, vulnerability disclosure, API security, IoT device security, backup strategies, insider threats, and the latest cyberthreats.
Get Your Copy Here!