March 7, 2023
According to our device intelligence data, IoT devices make up around 33% of all devices connected to consumer home networks. These devices are infamous for their security vulnerabilities and poor vendor practices. Nevertheless, network service providers can offer their end-users a reliable way to protect the entire home network, including all of their IoT devices: CUJO AI Sentry.
This list of most attacked IoT devices is based on the latest cybersecurity report from CUJO AI Labs, which analyzed over 2.1 billion threats stopped on home networks and identified the most attacked brands and device types.
Network-attached storage (NAS), DVR, IP cameras, baby monitors, and audio-video devices are the 5 most targeted device types, when we consider the average number of threats to each device type. Popular devices, such as smartphones, smartwatches, tablets, or computers, face orders of magnitude fewer threats than NAS devices or DVRs, on average. To find out more about the differences in relative threats devices face, see the device type threat index at the end of this article or in our cybersecurity report.
1. Network-attached Storage (NAS)
NAS devices are targeted hundreds of times (345, to be exact) more often than an average connected device. There are several reasons why this happens:
- NAS devices are perfect targets for ransomware due to the valuable data they hold.
- They are often configured to make them more susceptible to attacks: they need to have ports opened for the owner to access data when away from home. With ports 8080 and 443 open, NAS devices are easily noticed by attackers.
- Users usually have to approve firmware upgrades, which adds significant delays to the patching process.
Digital video recorders (DVR) are used to record digital video from IP cameras and other sources to disk drives, USB flash drives, SD memory cards or mass storage devices. Some DVR vendors sell poorly configured devices with open ports that allow access from outside the home net- work. Also, many DVR vendors autoconfigure the home router via UPnP to open its ports to the Internet.
Our data shows that DVR devices are attacked almost 45 times more often than an average device, or more than two times more often than the third type of IoT devices in this list.
3. IP Cameras
An average IP camera is attacked over 20 times more often than an average device. Of the top 30 most attacked IoT device models, all are made by different manufacturers, however, just 4 brands are targeted by more than 96% of attacks.
IP cameras are infamous for having poor security. They are being hacked not only to spy on people, but also to participate in coordinated DDoS attacks.
Infected IP cameras also often become part of botnets. Many IP cameras have poor configurations, such as publicly known hard-coded administrator credentials, which make them easy targets for brute-force attacks. Since, like NAS devices, IP cameras are accessed remotely by their users, they are often exposed to the Internet. Like DVRs, many IP cameras autoconfigure the home router via UPnP to open ports to the Internet.
4. Baby Monitors
Large hacks of baby monitors are often portrayed in the media and resonate within society, since these devices are placed in very private settings. Our data shows that baby monitors are indeed attacked very often, albeit not as often as NAS devices or IP cameras. Most of the time, baby monitors are running the same software and have the same vulnerabilities as IP cameras. Baby monitors with cloud-only interfaces are safer from these types of threats, but can still be vulnerable to other attack vectors, like password reuse.
The threat landscape of baby monitors looks rather surprising, as our data clearly shows that just a few devices of a single brand are being targeted by 98% of all threats to baby monitors.
5. Audio-video Devices
Audio-video devices are targeted by threats around 50% more often than desktop and laptop computers. Audio-video devices are a combination of devices that perform video conferencing, as well as audio, video streaming. Quite a few brands are targeted by malicious activities in this category. Nevertheless, just 3-4 brands are attacked overwhelmingly more often than others, when we take device population numbers into account.
To find out more about how these and other IoT devices are targeted by attackers, as well as which device brands and models are attacked most often, download our latest cybersecurity report or visit our ISP security hub for more security insights for network service providers.