Categories: Uncategorized

Thousands of Smart Homes and Businesses Worldwide Could Be Wide Open to Hackers: Avast Report

If you think you are safe and sound in your futuristic smart home, think again. According to a research done by cybersecurity company Avast, 32,000 smart homes and businesses are at risk of leaking data. In a threat research paper, ‘Are smart homes vulnerable to hacking?’, Avast expert Martin Hron explains that because of technical weaknesses in something called the Message Queuing Telemetry Transport (MQTT) protocol, smart devices might be giving away the means of getting into our homes.

The MQTT protocol is used to interconnect and control smart home devices such as smart boxes, light bulbs, shades, thermostats, voice assistants, and smart machines. To implement it, users set up a server, which usually resides in a PC or a mini computer, which in turn connects with devices. The research says while the MQTT protocol itself is secure, if misconfigured, it can pose serious security threats.


Amazon and Embassy Group to Launch Alexa-Enabled Smart Homes


Avast, found more than 49,000 MQTT servers publicly visible on the internet due to a misconfigured MQTT protocol, including over 32,000 servers with no password protection.

“If the MQTT protocol is not properly configured, cybercriminals can gain complete access to a home and for example, learn when their owners are at home, manipulate entertainment systems, voice assistants, household devices, and physically open smart doors,” the report says.

The research points out that the reasons for such security lapses lies in the fact that the devices are built using technology protocols that date back to the 1980s and a lack of focus on security when setting up IoT devices.

“It is frighteningly easy to gain access and control of a person’s smart home, because there are still many poorly secured protocols dating back to bygone technology eras when security was not a top concern,” said Hron. “Consumers need to be aware of the security concerns of connecting devices that control intimate parts of their home to services they don’t fully understand and the importance of properly configuring their devices.”

While the affected countries pointed out by Hron are China, US, Germany, Republic of Korea, and Hong Kong, India could have 595 homes facing the same threat.


The Autonomous Car Industry is Getting Smarter


According to the report, once IoT systems are hacked, perpetrators can read messages transmitted using the MQTT protocol, which means they can read the status of smart window and door sensors, see when lights are switched on and off, control connected devices, or even poison data using the MQTT protocol on behalf of devices. The report quoted a creepy example of an attacker sending messages to a smart hub to open the garage door.

Calling the convenience of IoT devices and smart home hubs connected to the internet a “double-edged sword”, Avast says that to secure users’ entire smart home ecosystem, manufacturers have to create IoT devices that are simple to set up but with higher levels of security.

Navanwita Bora Sachdev

Navanwita is the editor of The Tech Panda who also frequently publishes stories in news outlets such as The Indian Express, Entrepreneur India, and The Business Standard

Recent Posts

91.55% of Indian finance websites fail accessibility standards

As digital transformation accelerates, ensuring accessibility remains crucial for millions of Indians with disabilities. Addressing…

5 hours ago

Is AI Hitting a Plateau? The Scaling Debate OpenAI Prefers to Avoid

I think OpenAI is not being honest about the diminishing returns of scaling AI with…

22 hours ago

PayalGaming becomes India’s first female gamer to win an international award

S8UL Esports, the Indian esports and gaming content organisation, won the ‘Mobile Organisation of the…

1 day ago

Funding alert: Tech startups that raked in moolah this month

The Tech Panda takes a look at recent funding events in the tech ecosystem, seeking…

2 days ago

Colgate launches AI-powered personalized dental screenings

Colgate-Palmolive (India) Limited, the oral care brand, launched its Oral Health Movement. The AI-enabled initiative…

2 days ago

The role of ASR in voice bots: Revolutionizing customer interaction through real-time recognition

This fast-paced business world belongs to the forward thinking organisations that prioritise innovation and fully…

3 days ago