Research reveals the most vulnerable IoT devices

SAM Seamless Network unveils its Threat Assessment Lab research, investigating new attack vectors focusing on IoTs.

It was revealed that though there is a range of connected devices from computers to smart televisions and kitchen appliances, 47% of the most vulnerable devices are security cameras installed on home networks, followed by smart hubs (15%), like Google Home and Amazon Alexa, and network-attached storage devices (12%).

Security camera systems are the most hacked IoT devices as attackers are able to bypass the security of cheap models of IP cameras. Many of these devices have similar blueprints thus if a vulnerability is found in one device, it is most likely found in other devices. 

Omri Mallis, chief product architect at SAM Seamless Network told ZDNet:

“The most serious attacks target IP cameras. It feels that people aren’t investing in the best state-of-the-art security cameras which can cost hundreds of dollars – so they buy the cheaper ones.

“These are very vulnerable devices.”

Other findings show the US and China are the biggest culprits when it comes to both executing and suffering targeted attacks, with the average home receiving five attempted attacks per device per day via smart networks. Midnight was the most common time for attacks to be executed – as most users will be asleep and not be aware of the attack.

Phishing and email malware are the most common attack types in Europe, whilst in the US ransomware is more prevalent

Many IoT devices are known to have vulnerabilities that include having weak passwords that cannot be changed, and even allowing attackers to remotely access and/or control from the Internet. Both weakness can mean a hacker gains access into other connected devices on the network.

Sivan Rauscher, CEO and Co-Founder of SAM Seamless Network said:

“You might think nobody cares about your smart TV, but once it’s connected to your computer where you have all your data and credentials, all of a sudden it becomes an interest.

“We need in-depth and continual investigations to understand where the vulnerabilities are coming from. The upcoming regulation and government policies on IoT and connected devices bring further attention to the problem but they are not enough.”


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/