Home Internet-of-Things Harbors CyberAttacks, says Antivirus Vendor
The Internet-of-Things has not only penetrated the enterprise but our homes as well. Many articles on the web have extensively discussed the convenience that IoT devices provide. Many vendors jumped into the IoT bandwagon, releasing their own version to the market using proprietary hardware and firmware. Bitdefender, a mainstream antimalware vendor has released a report about the weakness of IoT to Denial of Service Attacks and other threats online.
“The IoT market has been booming in the past two years, impacting both consumers and businesses across sectors worldwide. Even though the technology has been widely adopted with great enthusiasm, a thorough security pattern still hasn’t been properly discussed to ensure its further growth in an increasingly sophisticated threat landscape. Following large-scale cyberattacks launched through exploited IoT botnets in the past two years, IoT risk awareness has slightly increased, yet smart devices are still vulnerable. One major cause is that manufacturers rush to deliver innovative gadgets that catch the eye of the consumer, but completely disregard end-to-end encryption,” said a Bitdefender representative in the report.
The IoT market is still in its infancy; it is a good target for launching DDoS attacks and better carriers of malware across other target networks. Bitdefender, with their analysis, discovered that in a 30-day data analysis, 461,718 attempted attacks against IoT devices happened. “Weak usernames and passwords, negligent browsing, as well as the lack of firmware updates aid hackers in getting access to banking information, private photos and videos, e-mails, home security settings and eavesdropping through baby monitors and smart TVs. 58% of owners use different passwords for each smart device and 24% have several passwords they use randomly,” Bitdefender further explained.
The real cause of the problem is poor update facility for IoT devices. Due to weak SOC (system-on-a-chip) compared to smartphones and PC, IoT devices can only be efficient in doing one basic task at a time. It does not have the luxury of a fast processor, big memory and of storage. Hence, retroactively creating an update system on top of already weak hardware is not feasible.
Below are the key facts that Bitdefender has enumerated, which makes the IoT platform a ripe environment for cyberattacks:
- 5 out of 10 SmartTV owners confessed they hadn’t changed the password for their TVs.
- 1 of every 10 IoT user admitted using the same password across all their devices.
- Only 2 of every 10 users have random passwords for use.
- 55% of smartTV users are not interested in updating the firmware of their device.
- 38% of smartphone/tablet users have not updated their firmware.
- 6 for every 10 users has not updated their home modem/router even if one is available.
- 5 out of 10 SmartTV users have left their TV apps not updated on a regular basis.
“Without actively making informed decisions regarding the security status of their home network IoTs, users will be at constant risk of more than just having their private and personal data stolen, leaked, or irreversibly lost. While IoT security awareness should start with manufacturers, it’s also up to individual users to secure their home network and understand the risks associated with poorly secured smart things,” concluded Bitdefender.
Julia Sowells960 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.