The lack of robust IoT security standards remains a significant issue as the number of devices continues to grow exponentially, according to a recent study from Trustlook—but consumer awareness of the threats remains low.
A Trustlook study, based on responses to a September 2017 survey, revealed that more than one-third (35%) of IoT device owners do not change the default password on their devices, leaving them vulnerable to attacks. Also, 54% of do not use a third-party security tool to protect their devices from outside threats.
This comes as the proliferation of IoT devices in 2017 continues, with 8.4 billion devices currently in use, and a total of 25 billion devices projected by 2020. The survey found that 41% of consumers own an IoT device, such as a smart refrigerator or fitness tracker.
And, as the use of these devices continues to increase, so do the associated risks. By 2020, it is estimated that 25% of cyber-attacks will target IoT devices. And indeed, in the past year there already have been a few high-profile IoT attacks. In July 2017, hackers were able to gain root access to a vulnerable Amazon Echo and add commands that secretly capture the raw microphone input. And last fall’s Mirai botnet, which targeted IoT devices, shut down a large part of the Internet.
Even so, in the survey, only 17% said that they know what Mirai is.
"It’s clear that the IoT phenomenon has resulted in manufacturers and consumers not taking security seriously enough," said Allan Zhang, CEO and co-founder of Trustlook. "Our advice would be to add security at the earliest stages of development, as well as layer on additional security measures once devices are in production."
Have you registered for Infosecurity North America taking place in Boston, 04-05 October 2017? For the full agenda, speaker list and more information, please visit https://www.infosecurity-magazine.com/conferences/infosecurity-north-america/