Avast experts conducted an experiment installing in Russia (in Moscow and Khabarovsk) and in other countries of the world more than 500 trap servers (Honeypots), posing as IoT devices, such as streaming devices, webcams or routers. With this, the experts wanted to prove how many potential attacks smart home devices face.
More than 500 traps were scanned by potential attackers 561,003 times in two hours, and five devices located in Russia were scanned 5,370 times in two hours. Honeypots traps were located in Russia, Mexico, France, Germany, South Korea, Australia, the United Kingdom, Australia, Japan, Spain, Ireland, Singapore, the United States, and India. According to the research, the three main countries from which the attacks came were the US, the Netherlands and Japan.
It is worth noting that Avast researchers chose typical connected devices with open ports to make attackers believe they were connecting to real routers, smart TVs, Webcams, or other smart devices.
The purpose of the trap was to calculate the activity of cyber criminals and study the methods of attackers who believe they attack real devices with real data. Avast traps were programmed with open ports such as TCP: 23 (telnet Protocol), TCP: 22 (ssh Protocol), TCP: 80 (HTTP Protocol), which are usually found in Internet-connected devices such as routers, security cameras and smart TVs.
According to Avast research, streaming devices are among the top 5 most vulnerable in the home, and two-thirds of routers in Russia have weak credentials or software vulnerabilities.
According to Michal Salat, Director of the Avast Threat Analysis Department, most people do not pay much intention to the vulnerabilities of home devices such as smart speakers, TVs or light bulbs, as they believe that they can not become a target of cybercriminals.
"For many people, it probably doesn't matter if their devices are used to attack other people, but they should know that hackers can also target them".
An attacker needs only one hacked device to take control of the entire home network. A vulnerable coffee maker can become the front door for a hacker to spy on households with a smart speaker and a security camera. In addition, connected devices may contain GPS data, so that an attacker will receive information about the exact location of the device.
