Thousands of hacker attacks were launched on a network of smart home devices designed by researchers to assess the risk the gadgets pose to consumers.

During the initial week the “honeypot” network was online, 1,017 unique scans or hacking attempts were directed at the devices on the net, which included smart TVs, printers, wireless security cameras and Wi-Fi kettles, according to researchers at the NCC Group, Which? and the Global Cyber Alliance.

The attacks continued to grow, reaching 12,807 during a subsequent week, with 2,435 of those attempts to log into a device with a weak default username and password.

Most of the devices in the “hackable home” environment were able to prevent attacks through basic security protections, although this doesn’t mean they’ll never be at risk, the researchers explained in a statement.

The most concerning issue we found, though, they continued, was a connected camera which had a weak default password, which allowed a suspected hacker to gain access to the camera stream. However, the camera lens was taped over.

“Most of these attacks are automated,” observed Matt Lewis, an analyst with the NCC Group, a cybersecurity company in the UK.

“They don’t know what they’re targeting,” he told TechNewsWorld. “They just know how to access a service and try some common weak user name and password pairings.”

“The one that stood out to us was user name admin and password admin, which is a common configuration for a lot of devices,” he added.

Malicious Mixed Bag

Lewis noted that much of the activity spotted by the researchers was probably harmless. “It was from large internet companies scanning the internet to see what was out there,” he said. “There were also hackers looking for vulnerability IP addresses because they’re more curious than nefarious.”

However, he added, “We did see some CCTV camera activity that could be traced to a known threat actor in Russia.”

Brad Russell, a vice president at Interpret, a global advisory company, explained that device data in the smart home space is a lot different than personal identifying information.

A D V E R T I S E M E N T

“It’s a lot harder for people to worry about a piece of data from their thermostat, water sensor or garage door opener,” he told TechNewsWorld.

“And there hasn’t been a lot incentive for hackers to access smart home data,” he added. “Their energies are better spent installing ransomware and stealing really valuable data like credit card numbers and socials.”

Nevertheless, that doesn’t mean smart home devices can’t be leveraged to do harm to their owners.

“A smart thermostat that’s hacked might provide a gateway to the home network and then access to personal computers and digital files,” explained Adam Wright, a senior research analyst for the smart home at IDC.

“A smart camera or baby monitor that is hacked can facilitate the same malicious activity as the thermostat,” he continued, “but, in addition, the camera itself can be used to spy on people or the camera can be used to communicate or harass people in the home.”

“Any device that is connected to the internet that is compromised can be used as a jump point to other devices,” added Tom Brennan, chairman of Crest USA, a global not-for-profit cybersecurity accreditation and certification body .

“It can …….

Source: https://www.technewsworld.com/story/researchers-find-smart-devices-ripe-for-hacker-attacks-87192.html