sb-au logo
Story image

IoT home connectivity on the up, as are cybersecurity threats

In Oceania, nearly 50% of homes have at least one connected Internet of Things device, while globally this statistic is 40%.

As this number grows the number of security risks also grows, the study from Stanford University and Avast shows.

The new research paper, ‘All Things Considered: An Analysis of IoT Devices on Home Networks’, is the largest global study to date that focuses on IoT devices.

Stanford University assistant professor of computer science Zakir Durumeric says, “The security community has long discussed the problems associated with emerging IoT devices.”

Durumeric says, “Unfortunately, these devices have remained hidden behind home routers and we’ve had little large-scale data on the types of devices deployed in actual homes. This data helps us shed light on the global emergence of IoT and types of the security problems present in the devices real users own.”

The research reveals greater insights into the IoT ecosystem and subsequent cybersecurity challenges in homes across the world.

When it comes to Oceania, 49.2% of homes in Oceania have IoT devices, which places the region slightly behind Western Europe, which is second highest at 53.5%.

Furthermore, 30.7% of homes have media devices, 19.8% have work-related IoT hardware and 10.1% have gaming consoles.

Globally, even with more than 14,000 IoT manufacturers worldwide, 94% of all IoT devices are manufactured by just 100 vendors. According to Avast, this is an opportunity for manufacturers to improve security.

Avast head of AI Rajarshi Gupta says, “A key finding of this paper is that 94% of the home IoT devices were made by fewer than 100 vendors, and half are made by just ten vendors. This puts these manufacturers in a unique position to ensure that consumers have access to devices with strong privacy and security by design.”

By hardening these devices against unwanted access, manufacturers can help prevent bad actors from compromising these devices for spying or denial of service attacks, Avast states.

When it comes to cybersecurity, protocols like FTP and Telnet are still used by millions of devices. In fact, more than 7% of all IoT devices still use these protocols, making them especially vulnerable, according to the study.

This is also the case for 15% of home routers, which act as a gateway into the home network. According to Avast, this is a serious issue as when routers have weak credentials they can open up other devices and potentially homes to an attack.

The research shows that surveillance devices and routers consistently support Telnet protocol. Surveillance devices have the weakest Telnet profile, along with routers and printers. This aligns with historical evidence such as the role of Telnet in the Mirai botnet attacks that suggests these kinds of devices are both numerous and easy to compromise, Avast says.

To complete the research, Avast scanned 83 million IoT devices in 16 million homes worldwide to understand the distribution and security profile of IoT devices by type and manufacturer. The findings were then validated and analysed by research teams at Avast and Stanford University.

Users contributed data to the study using Avast’s Wi-Fi Inspector, which scans home networks for vulnerabilities and identifies potential security issues.

Story image
Commvault launches Metallic in A/NZ region for first global expansion
The Australia and New Zealand region continues to be a priority market for Commvault, as cloud adoption across the region leads global averages, the company states.More
Story image
Video: 10 Minute IT Jams - Who is CrowdStrike?
Today, Techday speaks to CrowdStrike ANZ channel director Luke Francis about the company's key products and offerings, its upcoming annual security conference, and the infrastructure it leverages in the A/NZ region.More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More
Story image
5 ways to use data science to predict security issues - Forcepoint
Data science enables people to respond to problems in a better way, and to also understand those problems in a way that would not have been possible 50 years ago.More
Story image
Shlayer malware proves Apple devices aren't as secure as you think
"Apple never talks about malware publicly, and loves to give the impression that its systems are secure. Unfortunately, the opposite has been proven to be the case with great regularity."More
Story image
Ripple20 threat could affect 35% of all IT environments – ExtraHop
The vulnerabilities have the potential to ‘ripple’ through complex software supply chains, enabling attackers to steal data or execute code.More