One out of three Americans is worried about smart devices in their homes being hacked, according to research released Monday.
Top devices raising concerns among consumers are the Amazon Echo, security cameras, Google Nest thermostats, smart doorbells, and smart TVs, revealed the research by CraftJack, a construction contracting services provider in Evanston, Ill.
Four out of five of those devices — with the exception of smart doorbells and the addition of smart locks — ranked among the top five devices consumers said they wouldn’t allow into their houses over privacy concerns, noted the study, which was based on a survey of 807 Americans ranging in age from 18 to 79 who have internet-enabled devices in their homes.
According to Rob Enderle, president and principal analyst at the Enderle Group, an advisory services firm in Bend, Ore., consumers have good reasons to worry about smart home devices.
“We’ve had substantial issues with people hacking nanny cams and laptop cameras in order to get a view into homes,” he told TechNewsWorld. “While security over this class has improved, the desire and tools to hack into these devices have been increasing, making it ever more critical that security should be one of the considerations when purchasing smart home tech.”
Identity Theft and Privacy Risks
Given the proliferation of smart devices in the home, added Mark N. Vena, president and principal analyst at SmartTech Research in San Jose, Calif., this is an incredibly under-reported topic.
“The increasing integration of smart devices into daily life raises concerns about cybersecurity,” he told TechNewsWorld. “Consumers worry about the potential hacking of these devices, risking privacy invasion, data theft, and even physical harm.”
“From smart home appliances to wearables, vulnerabilities exist, demanding robust security measures,” he continued. “Breaches can compromise sensitive information, leading to financial loss or identity theft.”
“As reliance on interconnected devices grows, addressing these concerns becomes crucial to ensure a secure digital environment for consumers globally,” he said.
While consumers should be worried about the risk they bring into their homes with smart devices, it should be the same kind of worry that drives homeowners to lock their doors, maintained John Gallagher, vice president of Viakoo Labs, an enterprise IoT security company, in Mountain View, Calif.
“Any IP-connected device comes with concerns of it being hacked, especially smart devices because they can carry personal information and also often will have business information,” he told TechNewsWorld.
“In some ways, the risks for consumers are less than IoT devices in the enterprise,” he continued, “where threat actors have access to more devices and likely more of a payout from their exploits. However, even in the home, the risks should be assessed on a device-by-device basis.”
Not only do smart devices pose risks to consumers, but the apps that run them do, too. “The vast majority of smart devices used in homes also have a corresponding app used to control those smart devices,” explained Kern Smith, vice president for Americas pre-sales at Zimperium, a mobile security company headquartered in Dallas.
“Mobile applications are the main command and control system for the users of these devices, and the way that corporations that are developing and selling these devices actually interface with their customers,” he told TechNewsWorld. “It is essential that these mobile apps be built with security and privacy in mind, as they sometimes are the literal keys to the customer’s kingdom.”
“The smart device ecosystem extends far beyond just the gadget, and the ultimate nexus of these devices is the mobile device and mobile app that connect and control these devices,” he said. “If those are compromised, they can present a larger and more far-reaching challenge for the customer and corporation versus just an individual hacked smart device.”
The CraftJack research also found Americans concerned about their smart devices spying on them, with more than three-quarters (76%) of the survey respondents saying their gadgets were listening to them in some way and 61% believing the devices are always eavesdropping on them.
For many, confirmation of these fears comes in the form of targeted advertisements on their phones, the researchers wrote. Nearly two-thirds (62%) report receiving ads after talking about something near one of their smart devices.
Big Brother Listening?
Who could be listening through a home’s smart devices?
Thirty-five percent of the survey sample said they were worried about hackers and cybercriminals monitoring their activities through their smart devices; another 16% were concerned about advertisers, and 15% were worried about the U.S. government.
“The most surprising stat to me was that 15% expressed skepticism about the U.S. government’s potential surveillance through these devices,” said CraftJack spokesperson Jenna LeMair.
“Ten years ago, that idea would have been considered a conspiracy theory,” she told TechNewsWorld. “Now there’s a solid number of people who believe it.”
The researchers also found that three in four Americans have no idea how to check and see whether their smart devices have been hacked.
“I think vendors should play a proactive role in educating consumers about security for the smart tech in their homes,” LeMair said. “The high percentage of individuals unaware of how to check for device hacks proves the need for more education.”
She suggested vendors provide security guides with their devices, online resources like FAQs or troubleshooting guides, and timely notifications and updates regarding security measures.
Vendors’ Pivotal Role
“Vendors can and should do more, especially when a new device is being set up,” added Gallagher.
He recommended that users undergo training on maintaining a device’s cyber hygiene as they are first learning to use it.
“Vendors play a pivotal educational and awareness role in enhancing smart tech security by educating consumers,” Vena explained. “Clear communication on software updates and potential risks is crucial. Ultimately, a comprehensive education strategy ensures users are well-informed about smart tech security, fostering a safer digital ecosystem for everyone.”
Enderle, though, sees the vendor’s role as a narrow one. “Education for owners should really focus on how to secure the devices properly,” he said. “Asking a homeowner to become a security analyst and develop a rapidly changing skill set to do security diagnostics is likely a bridge too far for your average homeowner.”