The average home receives five attempted attacks per device per day via smart networks, and smart home security cameras equate to 47% of the most vulnerable devices, followed by smart hubs (15%) such as Google Home, Amazon Alexa.
These are among the findings of research conducted by SAM Seamless Networks’ Threat Assessment Lab.
Other devices found to be vulnerable to attacks are NAS (12%), printers (6%), smart TVs (5%), and IP Phones (4.3%).
According to the report, 40% of attacks aim to take complete control of the device while 30% aim to reveal sensitive information or allow bypassing authentication.
Ransomware is the most common type of attack in the United States, Japan, and India while email malware and phishing are the most common attacks in Europe.
Globally, the most common attacks are phishing (50%), IoT crypto mining (30%), ransomware (10%), and financial trojan (10%).
The report also revealed that China and the United States are the top countries both for executing attacks and being targeted, followed by Brazil, Russia, and India.
But the most targeted countries are the United States (13%), China (11%), Japan (11%), India (10%), and Italy (5%).
“The target of attacks is no longer just enterprises,” said Sivan Rauscher, CEO and Co-Founder of SAM. “High profile hacks on home networks have positioned these at the forefront of cybercrime.”
“The upcoming regulation and government policies on IoT and connected devices bring further attention to the problem, but they are not enough,” she said.
Ruscher said there is an in-depth and continual investigation to understand where the vulnerabilities are coming from.
Dave DeWalt, Chairman of SAM Seamless Networks and CEO of NightDragon, affirmed that home networks are highly vulnerable with multiple access points.
“As enterprise security technology becomes more sophisticated, attackers are now targeting lower hanging fruit which is easier to access,” he said.
According to the report, routers are leveraged to access and “own” the home network while NAS (backup drives) are utilized as an access point as many use old software and seldom is firmware updated.
Meanwhile, “cameras are utilized as access points as many are based on the same generic model, with the same exploits which enable an attacker to access millions of devices.”
“Seventy percent of attacks are in plaintext protocols (HTTP, Telnet, RTSP, UPNP, SIP) while 16.5% of attacks are in SSL,” the report added.
Headquartered in Tel Aviv, Israeli SAM Seamless Networks is a cybersecurity technology platform that protects the connected home.
Founded in 2016 by former cyber specialists in the Israeli Army, including CEO Sivan Rauscher, CTO Eilon Lotem, and Vice Chairman Shmuel Chafets, the company has since raised a total of $16 million over two rounds in 2018.