Serious security threats have been found in several connected home devices including Google’s Chromecast, baby video monitors, coffee machines and home security systems.
A team of anti-malware experts at Kaspersky Lab said that almost all connected devices available on the smart home market contain vulnerabilities.
The team tested four devices including Google’s Chromecast USB, which poses risks to users as the content on the victim’s screen is streamed from a source owned by an attacker.
Researchers also tested a coffee machine that exposes the homeowner’s Wi-Fi password, a baby video monitor that can be controlled by a malicious third-party, and a smartphone-controlled home security system that can be fooled by a magnet.
The company said that from an economic perspective it is still unclear why cybercriminals would attack connected home devices, but as the IoT market takes off, and technologies are being popularised and standardised, it is only a matter of time before black hats find a way to monetise an IoT attack.
In response, the company has issued advice to customers saying that people need to search the internet for news of any vulnerabilities within a device before buying it.
It also said that consumers should avoid the temptation of purchasing new products recently released on the market, and that when choosing what part of their life they are going to make smarter, consumers need to consider the security risks.
Victor Alyushin, security researcher at Kaspersky Lab, said: "Any connected, app-controlled device is almost certain to have at least one security issue.
"Criminals might exploit several of these issues at once, which is why it is so important for vendors to fix all issues – even those that are not critical."
He said that these vulnerabilities should be fixed before the product even hits the market, as it can be much harder to fix a problem when a device has already been sold to thousands of homeowners.
