The Most Vulnerable IoT Devices: Think Before You Buy
As Black Friday approaches, security experts spotlight risks of IoT.
Note: TDWI’s editors carefully choose press releases related to the data and analytics industry. We have edited and/or condensed this release to highlight key information but make no claims as to its accuracy.
With the shopping season approaching, it’s likely that internet-connected gadgets and toys will be popular items on many people’s wish lists; more than 88 percent of people use Internet of Things (IoT) devices in their households. However, cybersecurity experts warn: IoT devices can quickly go from fun to creepy, depending on how hackable they are.
Globally, 1.5 billion attacks have occurred against IoT devices in the first six months of 2021. Out of these recent attacks, the most significant one happened in March of 2021, when a group of hackers gained access to 150,000 of Verkada’s smart security cameras used inside hospitals, companies, police departments, prisons, and schools. As a result, criminals were able to see videos from women’s health clinics, psychiatric hospitals, Tesla Inc., and Verkada’s offices itself.
Which IoT Devices Are Too Dangerous to Buy?
There are two main aspects that can determine the level of vulnerability of certain devices. First, innovation. If a product is new and doesn’t have a lot of competition on the market, it is usually less tested before the release and is thus more dangerous for a user.
“IoT device makers are in a rush to sell the new gadgets as quickly as possible. This means that they are shipping them out with the minimum features required for them to function, shortening the development process, including testing, and cutting costs as much as possible. So, if we take the innovation aspect into consideration, the most dangerous devices are those that are too new to be widely used and thus tested,” digital security expert at NordVPN, Daniel Markuson, concludes.
Another aspect is the cybercrime economy. Criminals usually target those devices that bring them the biggest value. Because of that, the most vulnerable devices are those that store the most sensitive information, which can later on be used to manipulate users into paying ransoms.
For example, if criminals take over a user’s baby monitor, they can observe the child and everything that is happening in his or her room and convince a parent that they have much more
valuable information than just those recordings. A similar attack happened in January of 2019, when a mother from Western Australia noticed a major security breach of her device as she saw a stranger's bedroom on the screen of her baby monitor.
“This aspect makes smart cameras (owned by 16.4% of users), speakers (28.2%), and TVs (57.1%) the riskiest, as they store the most sensitive information about their users,” Markuson explains. “I would also pay special attention to the Wi-Fi router I buy. It doesn’t store a lot of personal information but creates a network that connects all the devices in the user’s household. So, once a criminal hacks your Wi-Fi router, they can get access to all of your IoT devices.”
What to Consider Before Spending Your Money on a New Device
- Look into the privacy issues associated with the devices you purchase. Look up tech sites that dig into privacy and security issues or buy devices certified by organizations like ioXt.
- Avoid buying devices that are too new to be properly tested. You might miss out on an innovation, but you will also miss out on the risks associated with a possibly rushed product.
- Think if you really need the device. Research shows that people who have more devices are also more vulnerable to hackers’ attacks.
- Take proper care of your device once you purchase it. As soon as you set up a new device, change its default login and password and turn off the features you won’t use. Also, don’t forget to update your device regularly and install a VPN if possible.