Smart home device security risks |

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

July 2, 2021

A home filled with smart devices could be exposed to more than 12,000 hacking or unknown scanning attacks from across the world in a single week, an investigation by UK consumer champion Which? has found.

UK households now have more than 10 different connected devices on average, from televisions to thermostats. While these products can bring huge benefits and convenience for consumers, as homes become more connected they can become more of a potential target for hackers.

Which? set up a fake home and filled it with connected products bought from online marketplaces, ranging from smart TVs, printers and wireless security cameras, to more unusual gadgets such as Wi-Fi kettles. Researchers then connected them to the Internet, exposing them to online threats and malware created by real cybercriminals.

Working with cyber security specialists NCC Group and the Global Cyber Alliance, Which? looked for unique scanning attempts – a technique used to locate online devices that exists in a legal grey area and is a potential gateway used by hackers – and hacking attempts, which are a clear breach of the Computer Misuse Act.

The research team saw 1,017 unique scans or hacking attempts coming from all around the world in just the first week of testing, with at least 66 of these being for malicious purposes.

That figure rose to 12,807 unique scans or attack attempts against the home devices in the busiest week, including 2,435 specific attempts to maliciously log into the devices with a weak default username and password. That equates to 14 attempts every hour by real hackers to infiltrate the devices.

Most of the time, the basic security protections in the devices were able to block the attacks, but that was not always the case.

The most targeted devices in the testing were an Epson printer, an ieGeek branded wireless camera and a Yale smart home security system. All three devices were purchased from Amazon.

The ieGeek camera was easily hacked and compromised, allowing a genuine suspected hacker to access the video feed and spy on the testers. This is despite Amazon awarding the camera its influential ‘Amazon’s Choice’…