The anonymized, statistical data in this document has been obtained with user
consent from scans run by Avast users from their computers using the Avast Wi-Fi Inspector feature during September 2018. All non-home networks have been excluded from this study.
Smart devices, like security cameras, baby monitors, TV media boxes, smart TVs, printers, and gaming consoles, are entering homes at a rapid pace and with them, vulnerabilities. In Russia, TVs, printers, and security cameras are among the top ten most popular smart home devices (excluding PCs, smartphones, and routers). Avast scanned more than 16 million smart home networks worldwide using Avast Wi-Fi Inspector, and found that two out of five (40.8%) digital homes worldwide contain at least one device that is vulnerable to cyberattacks, which therefore puts the entire home at risk. Despite widespread warnings to consumers to change passwords and pick strong and unique ones for all devices, over 69% of vulnerable devices are still at risk due to default or weak access credentials, which offers hackers easy access and the opportunity to seize control of these devices.
Increased IoT usage needs increased protection. With IoT growth predicted to more than triple by 2025 to over 75 billion connected things, manufacturers are under pressure to deliver smart devices to market quickly and at an affordable price.
However, this often means security features are neglected. Avasts research shows how many devices are vulnerable to attack, either because they use weak access credentials, or due to outdated firmware, especially where (in some cases) patches arent even available.
The current approach to securing IoT devices is to expect the user to take action and understand how to accomplish this even when the majority of vulnerabilities are caused by unpatched security flaws.
This approach creates a security gap and a massive opportunity for cybercriminals. With a high diversity of IoT devices on the market, it is difficult and complex to provide protection at the device level, and therefore smart home security needs to begin and end at the network level.
That said, theres only so much that consumers, and indeed manufacturers can do. In a perfect world, IoT manufacturers would be working with security experts to ensure a security layer is included in their devices. For now, we can take action to protect the router in a smart home, which is often an overlooked device, capable of more than we might realize more than just connecting our homes and devices to the Internet.