40.8% of smart homes have at least one device vulnerable to remote attacks, a third of them being vulnerable because of outdated software with unpatched security issues, while more than two-thirds are exposed by weak credentials.
The security exposure risk is quite significant considering that roughly 40.3% of all smart households come with at least five devices connected to the Internet.
As discovered by Avast, out of all devices exposed directly to the Internet, routers are the ones most targeted because they're the ones which act as a central hub for all other Internet-connected electronics in smart homes.
Printers are the most vulnerable devices"59.7% of routers have weak credentials or some vulnerabilities" and "59.1% of users worldwide have never logged into their router or have never updated its firmware," says Avast.
Avast says in their report that "a router that is vulnerable to attack poses a risk for the whole home, much like leaving your front door unlocked. Cybercriminals can redirect compromised routers to access exactly what they want, including phones, computers or any other connected device."
When it comes to the type of devices known to be most vulnerable to attacks, printers lead the pack with a comfortable 43.8% in the US, while NAS devices and security cameras are on the second and third place with 17.7% and 14.7% respectively.
Top vulnerable devices excluding PCs, smartphones, and routers (NORTH AMERICA & AUSTRALIA)Even though an increasing number of IoT devices in one's home is definitely not something to frown upon given the advantages they come with, the fact that their manufacturers don't or won't keep up with strong-enough security makes them a high-risk asset to have on one's home network.
Once threat actors manage to exploit weaknesses in IoT devices, they more often than not add them to large-sized botnets that can later be used either as the main tool behind DDoS attacks or to surreptitiously mine for cryptocurrency as part of cryptojacking campaigns.
DDoS attacks the highest threat for companiesAccording to a report published last week by the Neustar International Security Council, US and EMEA security professionals interviewed in January 2019 said that DDoS attacks are seen as the highest threat to their organizations, with around half of their companies having been attacked in 2018.
"It only takes one weak device to let in a bad hacker and once they are on the network, they can access other devices, and the personal data they stream or store, including live videos and voice recordings," said Avast President Ondrej Vlcek. "Simple security steps like setting strong, unique passwords and two-factor authentication for all device access, and ensuring software patches and firmware updates are applied when available, will significantly improve digital home integrity."
Avast included data from 16 million different home networks from all over the world in their 2019 Smart Home Security Report, from countries all around the world with a focus on 21 countries in North and South America, Europe, and the Asia Pacific region, with a total of 56 million devices having been scanned to gather the data.
source
