ABI Research suggests many smart home security companies are leaving major flaws in devices in their hurried attempts to break into the market.
An ABI Research report has forecast that there will be 360 million smart home device shipments by 2020, which is great news for IoT suppliers. But the concern comes with ABI’s claim that, in the rush to get to market, many manufacturers are leaving gaping holes in their smart home security devices, literally opening the door to potential hackers.
“We see an alarming increase in ransomware in smart TVs and IP cameras, code injection attacks, evidence of zero-day threats, and password eavesdropping for smart locks and connected devices,” says Dimitrios Pavlakis, industry analyst at ABI Research. “The current state of security in the smart home ecosystem is woefully inadequate. Smart home device vendors need to start implementing cyber-security mechanisms at the design stage of their products.”
Read more: Connected home insurance launches in the UK
Smart locking systems not so smart?
Several areas of weakness have been identified across smart home communication protocols, and ABI suggests that plenty of companies are developing smart locking systems that aren’t that smart at all. Easy-to-tamper locks and hackable sensor systems, along with other products with software vulnerabilities, are rife in the smart home security market.
ABI expects that these security flaws “could allow home invaders to determine when residents are out and enable them to break in more easily; cyber-criminals to carry out Distributed Denial of Service (DDoS) attacks and force appliances offline in exchange for ransom; and malicious actors to steal data, and possibly even personal information, and resell them online.”
Smart home security vulnerable to malware that’s “come of age”
According to a report released by Symantec, 2015 was a record year for IoT attacks, with malware targeting IoT devices having come of age. Eight new malware families have emerged, and more than half of all IoT attacks originate from China and the US.
Poor security on many IoT devices is allowing hackers to harness them for DDOS attacks, and often victims are completely unaware that their systems have been infected.
Nick Shaw, vice president and general manager EMEA, Norton by Symantec said: “As we continue to adopt more internet-connected devices in our daily lives – from fitness trackers and routers to home security systems, smart TVs and baby cameras – cyber-criminals are starting to pay attention. These new internet-accessible devices can bring great benefits, but they are also increasingly easy and lucrative targets for cyber-criminals.”