Skip to main content

Examples of insecure IoT devices that can cause nightmares

Internet of Things (or IoT) plays an extremely important part in our day-to-day life. Internet-connected technology is present everywhere, take for example smart assistants like Siri and Alexa, smart cars, smart watches, or even smart homes.

These systems are helpful in our everyday lives, but also, they include a greater concern for enterprises who are unable to secure each and every device on their network. This gives cybercriminals opportunity to access their network with just one insecure device.


Just back in 2016, a botnet of an estimated 100000 internet-connected devices were hijacked to flood the systems with unwanted requests and close down the Internet for millions of users. The malware, called Mirai scanned for Internet of Things (IoT) devices that were still using their default passwords and then enslaved those devices into a botnet, which was then used to launch the attacks.

A thermostat in a casino

The other great example that shows how an IoT device can cause security breaches is linked to a casino and an aquarium. Recently, news rose an unnamed casino was hacked through its Internet-connected thermometer in an aquarium in the lobby of the casino.

According to official sources, the hackers exploited a vulnerability in the thermostat to get a foothold in the network. Once they were inside the casino’s system, they managed to access the high-roller database of gamblers and then pulled it back across the network, out the thermostat, and up to the cloud.

But what are the options for us to stay protected?

First of all, the best way to protect ourselves and our networks is to connect only necessary devices to the network and place them behind a firewall. Also, always keep your operating systems and software up-to-date, and use different kinds of security products.

Always change the Default Passwords of your connected devices. Check if they use their default credentials, and keep in mind: hackers often scan for these when trying to corrupt IoT devices.

Disable Universal Plug-and-Play that comes enabled by default in every IoT device. It creates a hole in your router's security, allowing malware to infiltrate any part of your local network. So, check for these features, and turn them off.

Disable Remote Management in your router’s settings specifically through Telnet, as this is a protocol used for allowing one computer to control another from a remote location. It has also been used in previous Mirai attacks.


You might also be interested in:


Share this post

Comments ()