Routers will be a prime target for hackers looking to compromise network-connected devices as the Internet of Things (IoT) grows, according to security firm Avast.
Failure to change default passwords and the poor levels of security on standard routers will present tempting targets for hackers looking to seize control of IoT-enabled devices, it warned.
Ondrej Vlcek, chief operation officer at Avast (pictured), told V3 that hackers are more likely to want to take over the local networks that connect such devices rather than hack into the individual devices themselves.
“It is the easiest device of them all to attack, because [routers] are so vulnerable and riddled with problems. Instead of going through the individual devices, there will be more motivation to hijack the network, because the network is really where it is all happening,” he explained.
“Hijacking the network is by far more valuable, you can do much more harm by owning the network than you can from trying to hack into individual data. It makes more sense and is more practical for hackers to focus on hijacking the network.”
A growing trend in the technology industry, the Internet of Things (IoT) is leading to increasing numbers of everyday objects, devices and products gaining internet connectivity.
Despite this threat, Vlcek believes attacks on IoT-enabled devices are unlikely to reach anywhere near the scale of today’s more enterprise-focused security breaches, which can be highly lucrative for the perpetrators.
“I don’t think that the problem of malware going through the individual devices of the Internet of Things will ever grow above some anecdotal trivial level,” he said.
“In general, the attacker will always be where the money is. If there is a way to make money through hacking into your thermostat then yes. But that doesn’t necessarily mean that the hacker will have to install malware on the thermostat.”
Vlcek also believes the relatively haphazard nature of the IoT will keep it immune from seriously disruptive attacks.
“History shows that in terms of security, it is much more difficult for the attacker at a global scale to attack an environment that is completely heterogeneous and very diverse [like the IoT]. If you have multiple platforms, multiple devices and firmware, it’s always better than a monoculture of [connected devices],” he explained.