British IT security manufacturer Sophos has carried out a field test on the vulnerability of smart home infrastructures. The lure was an area of 10 m2 equipped with interconnected IoT devices and control systems from different manufacturers, connected to the Internet - just like smart homes are usually set up.
The result is worrying: daily access attempts from around the world soon reached 1,500 a day and increased to 3,800 once the passwords were reset to the factory defaults. The hackers nevertheless did not make any changes - although they could, for example, have turned off the lights, pulled the blinds or used the printer.
Regular searches using the IoT search engines SHODAN and Censys reveal a steady increase in such open gateways. “Users need to be aware that many IoT devices are small, network-enabled computers that can be controlled from the outside,” warns Michael Veit, IT security expert at Sophos Germany. The manufacturer has summarized the results of its long-term IoT security study in a white paper .