Avast ye landlubbers – cyber pirates can pillage your smart home


Avast, no relation to the pirate speak above – has found that at least a third of Aussie homes are wide open to cyber pirates (cybercriminals) via insecure IoT devices.

The Avast Smart Home report February 2019 (Global report here) found 40.8% of homes globally (33.4% in Australia) had not closed back doors in IoT. Chances, if you have five smart devices at least one, is open to pillage. One lousy device gives unfettered access to the whole home network.

Ondrej Vlcek, President, Consumer at Avast, said

“People use their smart TV to watch their favourite Netflix series or connect their baby monitor to their home network. However, often they don’t know how to maintain the security of that device.”

“It only takes one weak device to let in a bad hacker and once they are on the network, they can access other devices and the personal data they stream or store, including live videos and voice recordings. Simple security steps like setting of strong, unique passwords and two-factor authentication for all device access, and ensuring software patches and firmware updates are applied when available will secure the home.”

IoT Global penetration

  • 40.3% have five-ten or more IoT devices (France is the lowest at 2.1%)
  • 6% have ten or more (Indonesia has 18.2%, USA 15.5%)

What IoT devices do we use?


What vulnerabilities?

  • 40.8% have at least one device open to attack
  • 69.2% of vulnerable devices in households worldwide (55.4% in Australia) had weak credentials, such as simple passwords
  • 31.8% of these devices worldwide (45.1% in Australia) were vulnerable due to not being patched.
  • 59.7% had vulnerable routers, and 59.1% had never accessed the admin page to update the firmware

Avast also scanned 11 million routers worldwide. Its scan was no differnt to a cybercriminals scan

59.7% either have weak credentials or software vulnerabilities. Out-of-date software is often the weakest link in the security chain, making it an easy gateway for cybercriminals looking to access other connected devices.


The most vulnerable devices

Based on a scan of 117,773 Australian home networks, the research found that the top seven most vulnerable devices in Australia were:


Printers you ask?

Printers are the most vulnerable device worldwide, featuring in the top-three list in every single country scanned and at the top of the list in the U.S., Canada, Australia, Singapore, South Korea and Japan.

People do not think of printers as IoT devices and are likely never to have updated firmware or changed passwords. As these inevitably have a web-server interface, they are easy to access and gain entry to the Network.

OK, What to do?

As IoT devices, such as a Google Home or an Amazon Alexa, grow in popularity, there needs to be greater consumer awareness to help mitigate the risks if IoT is not properly protected.

Too many smart devices can be compromised, including thermostats, streaming boxes, webcams and digital personal assistants. One of the more common types of attack is to join tens of thousands of IoT devices in unsuspecting botnets to perform attacks on others.

  1. Change all passwords
  2. Update firmware
  3. Avast suggest you install its software here
  4. Read GadgetGuy’s How-To Guide to secure IoT here.