According to reports from security and risk management data provider CSO, some 32,000 smart homes can be “easily hacked” by “cyberthugs [who] could gain complete access to a home.” Once inside, hackers can manipulate entertainment systems, voice assistants, household devices, and even physically open smart doors. Avast blogger and IT expert Martin Hron explained the issue lies within a Message Queuing Telemetry Transport (MQTT) protocol that may be set up incorrectly on smart-technology servers.
MQTT is a system allowing smart-home devices to communicate with a controller and in some cases, with each other. If the communications system is set up incorrectly—even without being compromised—hackers can tell your smart devices what to do. Perhaps more problematically, they even have the ability to listen in on your private activities.
Hron elaborated this issue will grow in magnitude as more homeowners use and integrate smart devices over properties. “Manually controlling a few smart devices is not a problem, but as they increase in number…at some point, without automation, managing connected devices becomes more work than the convenience is worth,” he said.
Why 32,000 Homes are At Risk
Today, cybersecurity is a ubiquitous topic of conversation. Hron said many smart devices are built “using technology protocols that date back to the 1980s.” Cybersecurity simply was not the complex issue then that it has become today. Most networks at that time could not be accessed externally anyway. Another factor is that many MQQT servers are easily accessible online, particularly to a hacker who knows where to look. According to Shodan IoT, almost 49,000 MQTT servers are exposed, 32,000 of which have no password protection at all.