As homes become more intelligent, cybersecurity becomes paramount, writes Ross Brewer, Vice President & Managing Director, EMEA at Graylog
It’s likely that you have a number of IoT devices in your home.
Be it your smart TV, your smart thermostat, or even your smart fridge, these devices are connected to the internet to offer advantages like improved efficiency, convenience and the ability to automate tasks while away from the house.
It’s estimated that as of the end of 2024, there were 18.8 billion connected IoT devices in use across the globe – up from 16.6 billion at the end of 2023. And as smart appliances and devices increasingly become the norm in our homes, that number is only going to continue to rise.
However, while IoT devices and sensors offer us advantages in helping us to control things in our home via a smartphone app or even our voice, the very nature of Internet-facing devices means that they can also bring additional cybersecurity and privacy risks if managed incorrectly.
Unfortunately, this is something which many users don’t think about. They may not even be aware of the potential cybersecurity issues IoT devices can expose them to – and that’s especially the case if they freely connect such devices to their Wi-Fi and Internet connection.
And in many cases, it’s unfortunately manufacturers who are also to blame for shipping insecure IoT devices. Rather than going through the appropriate processes to ensure they’re secure by design, devices are rushed to market with little or no thought given to security – and this has resulted in disastrous consequences.
Perhaps the most significant example of this is the Mirai botnet attack of 2016. The massive, distributed denial-of-service (DDoS) attack took down websites and services across Europe and North America, including Netflix, Spotify, Reddit, PlayStation Network and many more. The attack was powered by Mirai malware, which scanned the Internet for certain IoT devices using default usernames and passwords, exploiting this to take control of them and add them to the botnet.
Almost a decade later, variants of Mirai remain active and they’re still scanning the web in search of vulnerable IoT devices to add to botnets. Because in 2025, there are billions more IoT devices than there were in 2016 – but unfortunately, many are still susceptible to the same security vulnerabilities they were back then. And this isn’t helped by how many older IoT devices have stopped receiving – or maybe never received – patches and updates to counter vulnerabilities and threats.
One of the reasons for this is that many IoT devices continue to be shipped with weak cybersecurity measures. Despite incidents like the Mirai botnet showcasing the dangers of weak default credentials, many IoT devices continue to be released with simple default passwords, like ‘admin’ and ‘1234’.
The UK government has enacted a law banning default passwords like these. But while welcome, this doesn’t outright fix the problem: many homes will still be using smart devices purchased before these rules came in. Users may not know that it’s good cybersecurity practice to change the default password of the device, or if they do, they may not know how to. And even if they want to change the password of the IoT device, it may not be possible – it’s still common for IoT products to be shipped with hardcoded passwords which just can’t be changed.
Even if default or hardcoded passwords are banned going forward, it’s still likely that people have IoT devices in their home from before this legislation came in. That’s especially the case when it comes to major appliances like a smart fridge or a smart television, which many households will only replace once in a decade or more. That means these devices – the networks they’re connected to and the personal data stored on them – could be vulnerable to IoT-based cyber threats for years to come.
This is something that cyber threat groups are highly aware of, and earlier this year, the UK’s National Cyber Security Centre (NCSC) issued an alert on the increasing number and sophistication of malicious threat actors targeting IoT devices, particularly those sitting on the edge of networks.
The reason attackers are targeting these devices is simple: they handle important information and connect directly to external networks, yet are often not scanned or detected by traditional cybersecurity solutions, making them a prime target for hackers looking to exploit an open backdoor to gain entry to a target network.
An example of this was seen this year, when researchers discovered that cyber criminals had used an unsecured IoT webcam as a gateway for conducting a ransomware attack. The attackers initially failed to deploy the encryption tools, because the intended victim’s Endpoint Detection and Response (EDR) spotted and countered the threat.
But after this, the attackers used the remote access to the network they had gained to look for an alternative means of unleashing the attack – which they did after compromising the IoT webcam and using its Linux operating system as a staging post for avoiding detection – until it was too late and ransomware had encrypted the network.
In other cases, cyber criminals have taken advantage of weak security of IoT devices to compromise smart cameras, using them to spy on their owners. As IoT devices become more ubiquitous in our homes, it’s likely that the challenges around securing them are only going to become more complex.
However, with the correct approach and the correct tools, there are steps which can be taken to help protect IoT devices in our homes from cyber attacks and intrusions.
One step people can take is to ensure that any IoT device they want to install in their homes is as secure by design as it can potentially be. That is, it’s produced by a company which has taken the appropriate steps to ensure its product is as well protected as possible. In general, although not always, it’s likely that devices from a well-known brand will come with more security controls than a cheap device from a company you’ve never heard of before.
For users, it’s also important, when it’s possible, to change the default credentials of an IoT device. Even if the default password isn’t a simple one, it could still be shared across multiple devices, perhaps even millions of them, running the risk that if one of these has its password cracked, every other user who hasn’t changed their password becomes vulnerable.
In addition to this, it’s also vital to keep IoT firmware and software up to date with the latest security patches to protect against new potential threats. A simple way of managing this is to ensure automatic updates are in place.
It remains common for IoT devices to not be covered or protected by traditional cybersecurity tools. However, one way to counter this is with an IoT-specific security tool which offers features such as log management. IoT devices generate large amounts of logging and events data – by observing this appropriately, it’s possible to monitor for and prevent incidents before they happen.
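As an added illustration (not from the original article or from Graylog), the sketch below shows the kind of check log monitoring makes possible: flagging a source that fails logins on one device with several different usernames, the pattern a default-credential scanner leaves behind. The log format, device names, addresses and thresholds are all constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines; the log format is an assumption, not a real device's.
SAMPLE_LOG = """\
2025-03-01T02:14:07Z cam-hall telnetd: login failed user=root src=203.0.113.45
2025-03-01T02:14:08Z cam-hall telnetd: login failed user=admin src=203.0.113.45
2025-03-01T02:14:09Z cam-hall telnetd: login failed user=support src=203.0.113.45
2025-03-01T02:14:11Z cam-hall telnetd: login ok user=admin src=203.0.113.45
2025-03-01T07:30:02Z thermostat sshd: login failed user=admin src=192.168.1.20
2025-03-01T07:30:15Z thermostat sshd: login ok user=admin src=192.168.1.20
2025-03-01T09:00:00Z tv-lounge telnetd: login failed user=root src=198.51.100.7
2025-03-01T09:00:01Z tv-lounge telnetd: login failed user=admin src=198.51.100.7
2025-03-01T09:00:02Z tv-lounge telnetd: login failed user=guest src=198.51.100.7
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<device>\S+) (?P<svc>\w+): login (?P<result>failed|ok) "
    r"user=(?P<user>\S+) src=(?P<src>\S+)$"
)

def _is_sweep(users, min_failures, min_users):
    # Many failures spread over several usernames, rather than one mistyped password.
    return len(users) >= min_failures and len(set(users)) >= min_users

def find_credential_sweeps(log_text, min_failures=3, min_users=2):
    """Return one alert per (device, source) pair that shows a username sweep."""
    failed = defaultdict(list)   # (device, src) -> usernames that failed, in order
    breached = set()             # pairs where a login succeeded after a sweep
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue             # ignore lines in other formats
        key = (m["device"], m["src"])
        if m["result"] == "failed":
            failed[key].append(m["user"])
        elif _is_sweep(failed.get(key, []), min_failures, min_users):
            breached.add(key)
    return [
        {"device": dev, "src": src, "failures": len(users),
         "usernames": sorted(set(users)),
         "severity": "critical" if (dev, src) in breached else "warning"}
        for (dev, src), users in failed.items()
        if _is_sweep(users, min_failures, min_users)
    ]

if __name__ == "__main__":
    for alert in find_credential_sweeps(SAMPLE_LOG):
        print(alert)
```

A successful login that follows a sweep is raised as critical, because it suggests the device accepted one of the guessed credentials; a single failed attempt followed by success, as on the thermostat here, is left alone.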
The future of the home is smart. A smart approach to securing our homes from IoT cyber threats is also needed.

As Vice President and Managing Director, EMEA at Graylog, Ross Brewer is transforming how organisations harness their log data to outsmart cyber threats and streamline IT operations.