High cyber risk for smart homes
28 February 2019
AVAST HAS announced that two out of five digital households are vulnerable to cyber attacks.
The Avast Smart Home Report 2019 contains insights from over 16 million smart home networks, revealing that 40.3% of homes worldwide have more than five smart devices connected, and 40.8% of these digital homes worldwide contain at least one vulnerable connected device.
This illustrates how many homes are at risk from Internet of Things devices as it only takes one vulnerable device to compromise the security of the whole home network.
“People use their smart TV to watch their favorite Netflix series or connect their baby monitor to their home network, however often they don’t know how to maintain their devices’ security,” said Ondrej Vlcek, President, Consumer at Avast. “It only takes one weak device to let in a bad hacker and once they are on the network, they can access other devices, and the personal data they stream or store, including live videos and voice recordings. Simple security steps like setting strong, unique passwords and two-factor authentication for all device access, and ensuring software patches and firmware updates are applied when available, will significantly improve digital home integrity.”
The majority (69.2%) of vulnerable devices in households worldwide (U.S.: 60.9%, Spain: 65.0%) were discovered to be vulnerable due to having weak credentials, such as passwords or only using one-factor authentication. A further 31.8% of these devices worldwide (U.S.: 39.4%, Spain: 35.6%) were vulnerable due to not being patched.
Avast also scanned 11 million routers worldwide and found that over half (59.7%) worldwide either have weak credentials or software vulnerabilities. In the U.S., more than two third (69.8%), and in Spain, two out of three (40.4%) routers are vulnerable. Out-of-date software is often the weakest link in the security chain, making it an easy gateway for cybercriminals looking to access other connected devices.
The most vulnerable devices
The research found that the top five most spread vulnerable devices were:
Network device (a connection point that can send and receive data such as a hub), 28.9%
Security camera, 20.8%
NAS (Network Attached Storage), 7.8%
Media streaming box (set-top boxes, Chromecasts, TiVos), 5.3%
Security camera, 14.7%
Network device, 14.6%
Media streaming box, 3.7%
Network device, 25.9%
Security camera, 20.1%
Media streaming box, 4.6%
Printers were found to be the most prevalent vulnerable device worldwide, featuring in the top three list in every single country scanned and topping the list in the U.S., Canada, Australia, Singapore, South Korea and Japan. Media streaming boxes (e.g. set-top boxes, Chromecasts, TiVos) have entered the top five, and are incidentally the third most prevalent IoT device found in digital homes, after TVs and printers.
A link to the full report can be found here: https://cdn2.hubspot.net/hubfs/486579/avast_smart_home_report_feb_2019.pdf
The data in this document has been obtained from scans run by Avast users from their computers using the Avast Wi-Fi Inspector during September 2018. In total, 16 million different home networks worldwide are included in this study from countries all around the world. 56 million devices were scanned. The report focuses on the emerging connected devices, as opposed to computers and smartphones.