A national report has found the poor cyber security of smart home devices is putting our private data at risk.
Earlier this year, the Trend Micro annual cybersecurity roundup for 2022 revealed that a staggering 75.2 per cent of its Australian Identity Protection had their data found on the Dark Web, with email being the most common information in a breach.
With a record 146 billion threats blocked globally in 2022, a 55 per cent increase compared to 2021, experts warn that cybercriminals are becoming increasingly sophisticated and their attacks more targeted.
The report also highlights the need for heightened cybersecurity measures across the entire home network, as Australia experienced 118 attacks per connected household in 2022 – almost one attack every two days.
Experts warn that anything connected to the internet is at risk, including any smart devices you might have lying around the home.
“The threat landscape is constantly evolving, and 2022 was no exception,” said Trend Micro AMEA VP of consumer business Tim Falinski.
“Our 2022 Annual Cybersecurity Roundup report shows that cybercriminals are becoming more sophisticated, and their attacks are becoming more targeted and destructive.”
It only takes one vulnerable smart home device to compromise the security of the entire home network, giving potential hackers a back door to access personal data or other connected devices.
Earlier this year, security experts claimed that up to 60 per cent of the 30 billion-plus Internet of Things (IoT)-connected devices on the global market are completely insecure or can be hacked using straightforward brute force attacks.
In 2019, digital security provider Avast revealed through a global study of over 16 million home networks that over a third (33.4 per cent) of Australian homes contained at least one connected smart device prone to a cyber attack.
In 2023, over 2.4 million homes regularly use some form of smart home technology, which is expected to almost double by 2030.
Despite voluntary guidelines imposed on companies by the previous government, Home Affairs market research found they had minimal impact on the product’s cyber security protection.
The study found whilst some equipment manufacturers under pressure to deliver affordable smart devices quickly neglected cybersecurity features, it was the homeowner or installer of the smart devices who left the lines of defence exposed.
The report also identified the top vulnerable devices as routers, printers, wi-fi extenders, security cameras, media-streaming devices, gaming consoles and smart TVs.
“While major brands we spoke to had good intentions to implement strong cybersecurity, many firms had not yet implemented some high priority, low-cost recommendations of the Code of Practice, such as vulnerability disclosure policies,” the report read.
Attempting to improve safety for Aussie consumers, Standards Australia has since partnered with the Internet of Things Alliance Australia (IoTAA) to develop a Smart Devices Cybersecurity Labelling Scheme (CLS).
This CLS would see an accredited independent body provide a certification once the product demonstrates that it conforms with Australian Standards and is authorised to utilise a smart device cyber security label.